In “Too Secure?”, I described how a financial services company insisted that I use the fax machine to send them a document. Let’s contrast that process with how it might have worked using a public key infrastructure approach with the five security functions described in the last part of the Privacy And Trust series. We’ll look at each of the five elements.
Authentication. Yes, I was authenticated by the company. They asked for my name, social security number, account number, and date of birth. Not perfect — someone else conceivably could know that information, but since I had spoken to the person before and we knew each other’s voices, the authentication was acceptable. The main difference was that instead of a mouse click or two, it required listening to a call center menu and reciting information. If I had been speaking to a person I did not know, the authentication would have been much weaker.
Authorization. Yes, the document I provided could serve as authorization for a financial transaction or authorize the person to do something for me.
Confidentiality. Sort of. Is a fax machine secure? It can be. If I call the company and the person I am talking to is standing at a fax machine and I am standing at a fax machine and I say “Ok, here it comes” and they say “Ok, I see it coming” then arguably we could say it is a confidential transfer of information. In theory someone could sniff some phone lines and get the information but it is highly unlikely. In reality faxes tend to go from an outbox to an assistant who takes it to a fax machine where someone could be looking over their shoulder. And then the document is faxed to a number and received in a “fax room” to be read by anyone who happens to pick it up. And of course there is often the hassle of finding a fax machine and the time delay. Hardly a mouse click. (I use eFax for any inbound or outbound faxes. I got rid of my fax machine years ago.)
Integrity. Definitely not. This is the real flaw in the manual, paper-based process. When a fax is taken by me or someone else to the fax room, it may get placed on a table while that person makes a quick run to the rest room or gets distracted. Meanwhile someone sees the form and changes $500 to $50,000. Then the form gets faxed. What amount gets transacted? $50,000. The form could also be modified by someone at the receiving end. No integrity.
Non-repudiation. You bet. The transaction will stand up in court. As far as the company is concerned, the correct transaction amount is the amount on the faxed form. I was authenticated, the transaction was authorized and the fax form was transmitted “confidentially”. If I contested the transfer I would probably lose in court.
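For contrast with the fax-room scenario above, here is an added example (not from the original post) of how a digitally signed form would behave when $500 is changed to $50,000. It assumes the customer's digital ID is an Ed25519 key pair and that the company already holds the matching public key from the customer's certificate; certificate validation is omitted, and the type and function names are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// SignedForm (hypothetical type) is the form text plus the customer's signature over it.
type SignedForm struct {
	Body      []byte
	Signature []byte
}

// NewCustomerKey generates the key pair assumed to sit behind the customer's digital ID.
func NewCustomerKey() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// SignForm is run by the customer: it signs the exact bytes of the form.
func SignForm(priv ed25519.PrivateKey, body string) SignedForm {
	msg := []byte(body)
	return SignedForm{Body: msg, Signature: ed25519.Sign(priv, msg)}
}

// VerifyForm is run by the company before it acts on the form.
func VerifyForm(pub ed25519.PublicKey, f SignedForm) bool {
	return ed25519.Verify(pub, f.Body, f.Signature)
}

// Tamper models the edit made while the form sits unattended: the text changes, the signature does not.
func Tamper(f SignedForm, from, to string) SignedForm {
	body := bytes.Replace(f.Body, []byte(from), []byte(to), 1)
	return SignedForm{Body: body, Signature: f.Signature}
}

func main() {
	pub, priv, err := NewCustomerKey()
	if err != nil {
		panic(err)
	}
	form := SignForm(priv, "Transfer $500 from account 0000 (constructed sample form)")
	altered := Tamper(form, "$500", "$50,000")
	fmt.Println("original accepted:", VerifyForm(pub, form))
	fmt.Println("altered accepted: ", VerifyForm(pub, altered))
}
```

The altered form fails verification at the receiving end, so the company never acts on the $50,000 figure, and a form that does verify can only have been signed with the customer's private key.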
So what is missing? Why couldn’t I have sent the document via the web or secure email? Technology problem? No. Security problem? No. Culture, resistance to change, fear of the unknown, liability fears? Yes. Are these valid issues? Yes, these are things that cannot be ignored, but they can be resolved. It is time for the leadership of institutions of all kinds to move forward to make digital IDs available to their constituencies so that Trust can be achieved.