Whilst the need for verification to promote e-commerce is relatively clear, the needs of business and governments in verifying identity must be carefully considered in the light of individual privacy and the increasing requirement that individuals reveal more and more details about their personal lives. Are we in danger of becoming so transparent to the data banks that the privacy of the individual is only to be found inside one's own skull? The amount of unique data that will be required to verify identity will need to be carefully protected to ensure that such potentially sensitive personal information does not enter into the public domain.
The act of signing a document to guarantee its legitimacy is made less useful in the light of fears of tampering and hacking particularly when transactions are made electronically. The use of cryptography and keysigning is perhaps one way that verification of identity can be assured, but the recent moves attempting to limit its use or at least to control it, means that privacy and civil liberties may be undermined at every juncture.
As consumers, we need to be assured that our credit card details do not go astray, and that only those documents with our authorization and verification will be acted upon. The idea that someone may use our identity for their own means, or that third parties may access sensitive information is of concern to many, thus making the use of authentication and security more vital.
The problems associated with authentication are not just related to the verification of identity but also involve greater public policy issues, which includes the amount and kind of data required to confirm the identity of someone. The use and access to such data is also an issue of major importance. This is due to its potential for abuse by organizations seeking to maximize profits by using the data for marketing purposes. Therefore the confirmation of individual identity becomes an emotive issue which requires much debate and setting of boundaries of implementation and the need to identify the potential use made of information, beyond its initial purpose.
Moving forward, the need for clear understanding, not only by academics, but by all members of society was stressed in order that trust in Certification Organizations and the security of the data banks they maintain is assured. The problem of names was also discussed in that there is a problem of identification where individuals of similar or the same name are identified. This is particularly evident within online communities, which have many thousand or even millions of potential participants.
Perhaps one of the most difficult areas to be resolved is how to square the circle between the need for authentication and the desire to maintain the privacy of the individual. This was seen as an area in need of much further research to overcome.