With the emergence of Google Wallet and the slow migration toward mobile payment transactions, researchers at the University of Toronto had an idea. How about creating an app just for identification purposes? It would act as a simple form of ID, like a driver license, but it would reveal only the specific information needed for the transaction.

The security problem with a payment app, according to Andrew Clement, is that they offer too much unnecessary information that could put the user at risk. Clement is a professor in the Faculty of Information at the University of Toronto, where he is leading the Prop ID research project.

“The idea project was to develop a prototype of an ID app for a smart phone that would provide a privacy protected alternative to the ways in which we expect most smart phone wallet apps to develop,” says Clement. “Namely that they reveal more than necessary information about the individual when they engage in the transaction.”

The Prop ID research project yielded the ID Wallet app. “Prop ID” means that the personal information provided is proportionate to what’s needed for the specific transaction. In other words, only necessary details are transmitted. This is also one of the core principals around the U.S. government’s National Strategy for Trusted Identities in Cyberspace.

The idea for the app grew out of several years of research by Clement’s team looking at how people use their physical ID cards. The group was interested in the development of the Ontario Smart Card Project, which was designed to include a lot of personal information for a variety of services.

Subsequently, the Toronto researchers became involved with the enhanced driver license that enables a license to serve as a border-crossing card in lieu of a passport. It was part of the Western Hemisphere Travel Initiative, the U.S. government’s program to require everyone entering the U.S. to have either a passport, passport card or enhanced driver license.

“We became involved in that debate and felt that the proposals and implementations were not secure and potentially very privacy invasive,” Clement says. “We wanted to develop an approach to ID that would enable people to conduct the wide range of daily transactions–shopping, traveling and banking–in ways that wouldn’t reveal any more personal information than is absolutely necessary.”

Data minimization as law in Canada

This is a matter of federal legislation in Canada. No more data is supposed to be collected than necessary for the transaction but the rule is often violated, Clement says. The researchers set out to show the capability of developing technologies that would enable ID-based transactions while respecting the principle of data minimization.

The team’s first effort used conventional ID cards like driver licenses and student ID cards. “When people use them, they basically flash the cards for the bartender or gate agent,” says Clement. “So in the case of buying liquor, while you are exposing your whole card, there’s generally not a record made of what’s on the card. It’s particularly problematic in that setting that when you use an ID card, all the information that’s available on it–like your name and address, birth date and various kinds of other identification numbers–they’re exposed but they’re not actually used.”

Clement believes problems escalate when these transactions move online. “On the Web much more information is being collected about individuals, partly because it’s really easy to do,” says Clement. The team wanted to address the particular case where a mobile phone is used for an ID-based transaction. “Our concern is that those transactions, like transactions on the Web, will be ones in which people give up a lot more information than is actually needed,” says Clement.

Proportional ID protects personal data

Clement’s team developed an alternative–the proportional ID app–to show the feasibility of a privacy protecting approach. “The classic example that we based this work on is buying alcohol and having to prove an age,” says Clement. “In order to buy liquor, you have to convince the person that you are of a sufficient age, but they don’t need to know your birth date. As long as they could verify the card was genuine, you only need to know a year of birth, for instance. So that would be a first step in this idea of proportionality.”

They managed to accomplish their plan using physical cards. “We created clear plastic overlays to put on a drivers license that would show only the information needed for that transaction,” he explains. They did something similar for voting credentials, using a driver license with the license number and age hidden. Clement says, “We cover those up, and this is the basic idea with our minimally-disclosing tokens.”

The team took it a step further in the mobile ID app. “The information on the card is transmitted in an encrypted form and can only be decrypted with the public key of the issuing authority, and that makes it clear that this is authentic information,” says Clement.

The individual holds the smart phone to the terminal, approves the transaction and encrypted data is sent. After the keys are verified and authenticated the individual’s photo is shown on the clerk’s screen for comparison with the person standing in front of them. The clerk approves that and then is shown a green light if the person is of age to make the purchase.

The Prop ID research team has shown this is technically feasible with Android phones using near field communication or Wi-Fi. The encrypted information is transmitted and authenticated with no unnecessary personal information left behind.

The app is a working prototype. There are no service providers to put it into play at this point. Clement says the team really just wanted to see what could be done. The school is also making the technology available to anyone, licensing it under a Creative Commons license, so people can try it out as a proof of concept. Clement and his fellow researchers think proportionate ID is an emerging area that will become more important as people realize the possibilities and the risks associated with using smart phones for identity based transactions. “We’re fortunate to be on the leading edge as these wallet apps are developed,” says Clement. “And we hope that this can point the way to alternatives that are more privacy protected.”

---

Related articles:

Are states speeding toward mobile driver licenses? Iowa test drives mobile licenses DNA for future identity is in your wallet