Welcome to WebmasterWorld Guest from 54.226.133.245

Forum Moderators: buckworks

Message Too Old, No Replies

Whitehouse drafting plan for ecommerce security

the government is aiming to set up a system to create certified profiles.

     
4:58 pm on Jun 28, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 13, 2003
posts:1281
votes: 0


From cnet [news.cnet.com]:

Releasing a draft of the potential new National Strategy for Trusted Identities in Cyberspace (PDF) last Friday, the government is aiming to set up a system that would let people voluntarily create trusted identities to use in online transactions.


From the Government PDF:

The [proposed] Strategy defines and promotes an Identity Ecosystem that supports trusted online environments. The Identity Ecosystem is an online environment where individuals, organizations, services, and devices can trust each other because authoritative sources establish and authenticate their digital identities.


Enter the internet police. This is such a huge undertaking and I'm not sure how effectively the US government will handle this considering the world-market we live in. Also, can you imagine the impact if the central database is hacked?

The Government is asking for input from the public at this site: [nstic.ideascale.com...]
5:05 pm on June 28, 2010 (gmt 0)

Moderator from US 

WebmasterWorld Administrator lifeinasia is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 10, 2005
posts:5550
votes: 24


So all you have to do is hack someone's Ecosystem identity and then you're good to go. Everyone's e-commerce filters will be off for you and you can rack up all kinds of havoc until someone notices.
5:27 pm on June 28, 2010 (gmt 0)

Full Member from US 

5+ Year Member Top Contributors Of The Month

joined:Oct 9, 2009
posts:301
votes: 6


I think it's an inevitable move. There are serious potential problems, but we're headed for some system of Internet accountability, either in the immediate future or eventually.

It started out like the Wild West - first come the intrepid explorers, then the creative innovators, then eagerly come one, come all.

So at first the Internet was rule-free and anonymous, but as more and more "regular" people flocked to build stuff online, more security was needed, because, well, because that's what people do - attend to their safety as a social unit once the whole crowd gathers.

That's going to continue, and as our commercial and social infrastructure moves from the shrinking bricks and mortar to the nearly unlimited virtual territory, people are going to have to form some kind of trust standard. And it starts with knowing who you're dealing with.

And yes, until it's had time to be honed, deception and crime will happen all too easily.

And yes, it's very big brothery and potentially sad and scary, depending on its implementation, and people will fight it tooth and nail, and I don't blame them. I'm just making projections, not offering an opinion.
5:43 pm on June 28, 2010 (gmt 0)

Junior Member

5+ Year Member

joined:June 30, 2009
posts:56
votes: 0


OK great, I was hoping there would be an easier way for the government to track literally *everything* I do. Personally I'm in favour of taking care of my own security, when you do that you have to think for yourself, and that's no bad thing.
6:06 pm on June 28, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 15, 2003
posts:1418
votes: 0


"Government regulated" creates a false sense of security. Bernie Madoff and Kenneth Starr were both registered and regulated by the SEC. Allen Stafford had the SIPC logo all over his business cards and stationary. Nothing in this country is more heavily regulated than the financial sector, and did it help protect the consumers who were the victims of these guys? NO - in fact, for many it had the complete opposite effect.

The fact that these guys were "government approved" is DIRECTLY RESPONSIBLE for many people investing their money there. If someone tells you they can grow your money at 1% per month no matter what the market does, it sounds like a scam no matter how stupid you are when it comes to finance. But BECAUSE they were regulated and proudly displayed their government-approved logos, people threw logic out the window and assumed it was legit.

The results of this would be no different.

Security is a personal responsibility. It's your job not to lose your wallet, and likewise it's your job to do a little homework before buying online. The only weapon against fraud is an educated consumer, period. If you aren't an educated consumer, you will be a victim, and it's not the government's job to do anything about it. It's yours.
6:08 pm on June 28, 2010 (gmt 0)

Full Member from US 

5+ Year Member Top Contributors Of The Month

joined:Oct 9, 2009
posts:301
votes: 6


I don't think it necessarily or ultimately has to be handled by the government. It would need to be some form of a "body of trust." But the world's on the crux of big changes. I'm bemused when I think about what it might look like in fifty years.
7:39 pm on June 28, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 13, 2003
posts:1281
votes: 0


I'll bet Google would be first in line to be that "body of trust."
3:31 pm on June 29, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member bwnbwn is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 25, 2005
posts:3492
votes: 3


I feel the same process you go through to get a SSL is all that is needed to prove your a legit business.

Will this reduce the amount of fraud well this is something to be determined. I do know one thing it will probably increase the price for those that sale this type of information, and increase the need for this type of information.
3:36 pm on June 29, 2010 (gmt 0)

Moderator from US 

WebmasterWorld Administrator lifeinasia is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 10, 2005
posts:5550
votes: 24


I feel the same process you go through to get a SSL is all that is needed to prove your a legit business.

I think the issue here is to (try to) create secure identities for individuals, not businesses.
5:39 pm on June 29, 2010 (gmt 0)

Full Member

10+ Year Member

joined:July 11, 2003
posts:276
votes: 0


I agree with SEOMike
I'll bet Google would be first in line to be that "body of trust."

10:54 pm on June 29, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:June 25, 2007
posts:1062
votes: 0


If somebody can get hold of one ID, I don't see what would stop them from getting hold of a collection of IDs. Especially since the payoff is a lot bigger, so more motivation. The government needs to quit looking for quick fixes to things, and just start doing their jobs.
4:38 am on July 3, 2010 (gmt 0)

Preferred Member

10+ Year Member

joined:Jan 8, 2004
posts: 562
votes: 1


I've still got to finish reading the pdf from the government website and then I'll comment. Should be this coming Tuesday. I hope we don't treat this proposal in some light other than it's not meant to be seen, simply because we haven't read the proposed parameters.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members