In the early days of the Internet, online and offline identities were often kept separate. Anonymity was more commonplace. But today, verifying online identity is an increasingly important consideration as more official business is conducted online. There are many different online identity management solutions available and in use by various large companies, governmental entities and other organizations. These use different technologies and aren’t generally compatible with one another. The situation is a little like the state of offline identification credentials in the US, especially before 9- 11, with each state issuing its own driver’s licenses or ID cards.
In 2011 the plan, called the National Strategy for Trusted Identities in Cyberspace encourages the private-sector development and public adoption of online user authentication systems. As Natasha Singer explains in her article, Call It Your Online Driver’s License,
The idea is that if people have a simple, easy way to prove who they are online with more than a flimsy password, they’ll naturally do more business on the Web.
Singer explains that the authentication proponents and privacy advocates disagree about whether Internet IDs would actually heighten consumer protection.
— or end up increasing consumer exposure to online surveillance and identity theft.
The system would allow Internet users to use the same secure credential on many Web sites. This can be both a good and bad thing depending on the way you look at. It would be beneficial in the sense that people won’t have to memorize different passwords for different accounts. On the other hand gathering information all in one area can be dangerous; if people start entrusting their most sensitive information to a few third-party verifiers and use the ID credentials for a variety of transactions, authentication companies would become “honey pots” for hackers. Google already has a free system, called the “Google Identity Toolkit,” for Web site operators who want to shift users from passwords to third-party authentication.
Also the government would need new privacy laws or regulations to prohibit identity verifiers from selling user’s data or sharing it with law enforcement officials without a warrant. So which would you prefer: one key that opens every lock for everything you might need or would you rather have different keys for different locks?