Hardware Based ID Exchange for Social Networks

From IIW

Convener & Notes-taker: David Brown

Technology Discussed/Considered:

Hardware Tokens and Mobile phone applications for transferring contact data between users.

Discussion notes:

Hardware ID Tokens for Social Networking: Some observations from Poken’s experience

User needs

  • Authentication (a web 1.0 problem)
  • Bank login
  • Corporate VPN
  • Exchange of IDs (a web 2.0 problem)
  • Lets meet on facebook, etc.
  • Portable contacts / open social
  • Price
  • Low cost hardware is possible

Anatomy of a token 2.0

  • Communicate between themselves
  • To transfer IDs
  • Process/Store
    • manage an ID securely
  • Record communicated IDs
  • Communicate to a computer/the Internet
  • Relate the Token IDs to identity card data

1) Communication between Tokens

  • Wireless?
  • WiFi, Bluetooth, IR – all have “crowded room” and parametization problems
  • RFID, NFC – passive/active problem
  • Physical connection?
  • Not user friendly
  • Mobile phone based?
  • Needs s/w install, fragmented hardware/OS market
  • Wireless (WiFi, Bluetooth, IR) - as above
  • Camera, QR code
  • Operator vs. manufacturer politics/conflicts

1) Communication between Tokens

  • The solution (according to Poken)
  • Needs a spontaneous data exchange solution designed for this purpose
  • Usability/ergonomics important for this specific human interaction
  • Wireless is most natural
  • Active/active
  • Small form factor & price

2) Process/Store

  • Low end processor
  • Can work around processor limitations to do 128bit encryption/authentication because data transfer siue is small
  • Store communicated IDs
  • FIFO store (eg. For last 64 contacts)

3) Communicate to a computer/Internet

  • USB works fine
  • Emulate USB mass storage
  • Computer provides:
    • Internet networking
    • TCP/IP, DNS
    • SSL over the internet
  • Web infrastructure provides:
    • Token ID to Identity cards data
    • Data portability, APIs
  • Future: OpenID providers, Higgins, etc.

Token 2.0 side features

  • Timelines
  • Parental control
  • If my child met them in the real world then they can friend them online
  • Low cost alternative for some Token 1.0 uses
  • Trust