In a move that could simultaneously eliminate data privacy concerns along with the headaches associated with actually authenticating users, IBM this week unfurled its Identity Mixer service, which makes use of a new engine to encrypt identities.
Dr. Jan Camenisch, cryptographer and co-inventor of Identity Mixer at IBM Research, says Identity Mixer eliminates the need for IT organizations to collect information such as age, nationality, address and, most importantly, credit card numbers. Instead, users will have a set of encrypted credentials that are verified by Identity Mixer, says Camenisch. This approach eliminates the need for users to share personal information, while also making it simpler for anyone providing a service on the Web to verify user identities.
Right now, IBM is running a public beta of IBM Identity Mixer on its Bluemix cloud platform. But Camenisch says that IBM plans to make Identity Mixer available to any provider of a Web service either through Bluemix or as software they deploy on their own systems.
IBM isn’t the only vendor experimenting with new types of cryptographic engines to address privacy and security concerns across the Web. After all, the only reason that there is a security issue really is because too many organizations collect personally identifiable information in plain text, thereby making themselves a tempting target for hackers.
It will be interesting to see how new approaches to cryptography evolve in the years ahead alongside multiple standards that address data privacy and security. In the meantime, there’s some comfort in knowing that the industry is at least looking into ways to solve the problem.