IBM’s Identity Mixer enables zero knowledge ID
16 March, 2015
category: Corporate, Digital ID, Financial
When creating an online account there are typically two options. The first is create a new account with a user name and password or use a social login for access. Neither of these are idea solutions, says Franz-Stefan Preiss, cryptographer at IBM Research. When creating a new account a consumer typically has to give up a lot of information and that data can be at risk depending on the security of the service provider.
Using a social identity also isn’t ideal because it give that company a lot of information about the consumer and they can then track the consumers all throughout their browsing, Preiss explains. “And the service provider gets much more information than is necessary for them to grant a consumer access,” he adds. “And once that data is disclosed you completely lose control.”
IBM Research has been working to solves this problem with Identity Mixer, a zero knowledge identity and access management system that only gives up the bare minimum information to grant access. The cryptographic code acts as an agent knowing a consumers secrets, while revealing as little as possible to the relying parties.
The idea behind Identity Mixer isn’t new. Consumers sign up for an Identity Mixer credentials and then when that credential is used at relying parties no extra information is given up, Preiss says. For example, is someone wants to watch streaming movies through a subscription site and the film requires the watcher to be 17 or older Identity Mixer will just tell the site, yes, the person meets the age criteria and not give out a date of birth. The site doesn’t even have to know the subscriber’s name, but instead just know that he is authorized to watch the film.
“Users can control what data is given to whom and they do it with a simple login,” Preiss says. “It’s the same concept as a social network provider but without the disadvantages.”
A university in Greece is using Identity Mixer. Students receive credentials each time they attend a lecture, after they have attended a certain amount of classes they can give anonymous feedback to the lecturer. After submitting comments they are also entered into a lottery for different prizes.
There are several other pilots of Identity Mixer around Europe, including the German Red Cross and other universities.
Identity Mixer has been around for a while but it will be release a cloud-based systems in the next couple of months, Preiss says. “We do the work of setting it up and then enterprises can connect Identity Mixer functionality to cloud apps,” he says.
A demo of Identity Mixer can be found here.