RSA sees looming identity crisis online

As Internet becomes a crime-choked neighborhood, companies could close their e-commerce shutters and customers could flee.

2 min read
BARCELONA--The director of technology for RSA Security said businesses need to move their online customers toward a federated identity policy or security threats could bring people to lose confidence in trading.

"You're talking about hundreds of thousands of people who need to be authenticated," Andrew Nash said at the RSA Conference in Barcelona. "If we can't adopt quickly enough, the Internet will become known as a very unsafe place. People won't have confidence in it and (companies) will bail out, if not put their technology on hold."

Nash said identity fraud, such as through phishing scams, was partly to blame, and that it was difficult to moderate online identities. "Phishing is a classic example. How do you know who the end users are? Without having the guarantee of identities, there is a big block to having more e-commerce."

Phishing, in which fraudsters fake their identity to lure victims into submitting their personal details, has played a large part in identity theft. Customers of many major banks and e-commerce sites, such as eBay, have been the targets of such scams.

Nash said the Liberty Alliance, a user-based security group with members such as AOL, MasterCard and American Express, was trying to push for an identity federation through which companies could share authentication methods, but retain a certain amount of authority.

RSA Security, an electronic security firm in Bedford, Mass., is an active member in the Alliance, and the company said that there were around 30 other organizations trying to solve identity problems on the Internet.

Nash added that organized crime gangs were already targeting businesses to build an e-crime network that fed on e-commerce.

"I was at a demonstration recently where there was a lot of interest in Internet monitoring on behalf of law enforcement," he said. "(It) showed there was a serious amount of organized criminals moving toward specific targets. They were building a system to defragment vendors and business in coordinated attacks."

Dan Ilet of ZDNet UK reported from London.