Do you consent to receiving Google Analytics cookies? We use these to aid in improving and maintaining our website. This site also requires other cookies to function correctly. More information.This site requires Javascript to function correctly

Cookies and your privacy

In accordance with the ICO's EU e-Privacy Directive and to help protect your privacy we are making you aware of the use of cookies on this site.

The only cookies used to track your behaviour on this site are those used in Google Analytics. Google Inc are members of the US Safe Harbor Scheme. This scheme allows the transfer of data from within the EEA to countries that are outside of the EEA without having to enter into a specific data transfer agreement. Companies that sign up to the scheme are deemed to provide adequate protection for personal data transmitted from Europe. Google Inc's registration is at http://safeharbor.export.gov/companyinfo.aspx?id=10543.

For more information on the cookies set by Google Analytics please go to: http://code.google.com/apis/analytics/docs/concepts/gaConceptsCookies.html.

This site also makes use of other essential Anonymous cookies, and the site won't work as expected without them. If you don't accept these anonymous cookies some features of the site may be unavailable.

Please note disabling Goolge analytics will prevent us from gaining accurate insights into the use of this site and hinder future improvements.

UKAuthority.com's full privacy statement.

UKAuthority.com

Trusted. Independent. Public sector technology news.

Friday 3 February 2012Author: Dan Jellinek

Calls for government ID to help fight phishers and spammers

The identity assurance system used to access some online government services could be expanded to help people check other individuals' identities online, a leading computer security analyst has told UKAuthority.com.

A Commons Science and Technology Committee report on malware and cyber crime published last week noted that "The government 'digital by default' policy will increasingly require those in receipt of government benefits and services to access these online. We are concerned that this policy may increase the number of users without the means to afford the best equipment or antivirus software online or the level of knowledge to understand what is necessary to remain secure.

"We accept that the government's digital identity assurance scheme... is designed to provide security in accessing those services. However, we also have concerns that the scheme will be of greater use in protecting the government against welfare fraud than the individual user against crime."

Professor Peter Sommer, a computer forensics specialist at the Open University who gave evidence to the committee, said the government's digital identity scheme is currently designed so citizens can register, and be authenticated to enter an online government gateway to pay taxes or access other benefits. But the system "could have a much broader benefit if you had it also for citizen to citizen ID - people could use their government credentials to talk to each other, it would give greater assurance when people contract with each other."

Currently most online transactions between people and businesses, such as email, are hard to verify or trust, Sommer said. Expansion of the government's authentication scheme "was a theme in government 10-15 years ago, but for one reason or another hasn't been picked up. "There may now be greater demand," he said.

The committee's report says the most urgent need is for better sources of trusted basic advice for citizens on computer security. While it notes the government already sponsors the "Get Safe Online" website, it said the resource needed substantial investment and improvement. "Get Safe Online needs a much higher profile among UK computer users and the government is central in that awareness raising, through integrating the site with relevant official organisations and governmental bodies."

Sommer said that ultimately, consumer advice is the key. "It is important to help people help themselves. We have laws against burglary and we have a police force but the first line of defence is lock your house when you leave it. But that sort of advice translated into a computer domain is hard for people to get hold of. For most forms of conventional security such as for your house or car, there's lots of guidance available, and the things people were talking about 10-15 years ago tend to be relevant now. The problem is the computer environment keeps on changing."

Much of the computer security advice that does exist comes from "people who want to sell you things", and lacks credibility, he said, agreeing that Get Safe Online is "very underfunded". If citizen information services are improved, there is likely to be a whole new realm for them: the Commons report also notes that smartphones are now becoming vulnerable to viruses and malware. The brave new world of mobile services is opening up new opportunities for criminals too.

 

       
UKA Live Pre Registration
UKA Live: view recorded interviews
Informed Communications Ltd. 2013 ©  |  Terms Of Use  |  Privacy Statement