I recently did a Soapbox piece for Telecare Aware (http://www.telecareaware.com/index.php/telecare-soapbox-the-security-of-telecare-confidential-information.html) on security of information in relation to telecare operators and I think that this is something that needs to be addressed more widely.
Recently, I received a call from the bank about a matter that they wished to gauge my opinion on. Fair enough, you might think, but before they could do the questionnaire, they needed to go through the obligatory security protocols. The first of these, like the previous post, was "are you Mr", "what is your date of birth", etc. Now, correct me if I am wrong, but there is a fundamental security issue with adopting this approach.
Firstly, there is no way for the caller to verify it is really me without me providing them with personal information which they must already be in possession of to verify this. (dependability problem number 1)
Secondly, I must provide my personal information prior to them being able to provide theirs. In fact, their ability to identify themselves effectively is dependent on me identifying myself to them satisfactorily. This is because they cannot provide any of the personal information about me to me without breaking their code. They could provide the odd number from my account, but so could anyone who has my bank account details, such as anyone I have given a cheque to or paid by card, or anyone who knows someone at a call centre that does the work for a bank or utility company / online shopping company etc. (dependability problem number 2)
In other words the details they are likely to provide are already, possibly, out in the public domain for those who want to get them.
This leads to the third issue. If the information they can provide is not unique to me, how can I guarantee their authenticity? The simple answer is that I can't. In fact, no one can actually truly guarantee beyond doubt that they are talking to the person they think they are talking to without visual confirmation. (dependability problem number 3)
Thus we arrive at stalemate. Clearly the caller from the bank knows I am who I am, as they have called me on my mobile phone. I do not sound like a child (hopefully) and I, in all probability, am the person they are to contact. Clearly, exceptions could occur, as is always the case, but these are cases of more serious fraud.
Thus, we need to design a system of authentication which allows the caller to identify themselves to the called, without the current security breaches that are enforced. One method would be a password system such as the one to log into the bank. Another is an app that the caller could use on their phone to authenticate the call from a bank or some other body. The app would not be too difficult to do provided the companies are able to give up the numbers they use to call on, but most have a system where the caller number is withheld.
So, we have to go back to the drawing board. We need to rethink telephone communication and the security implications of caller identification. If we do not, then we put ourselves at risk, as the respondents, who are forced to provide personal data to a virtual voice who does not and cannot identify themselves to the same standard as online users experience. (dependability problem number 4)
We hear a lot about hackers and scamming, but the security put in place by major companies is neither usable nor effective for either party, nor is it secure.
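
One way the app idea above could work without relying on a visible caller number, as an added example that is not part of the original post: the called party challenges first, and each side answers with a short code derived from a key shared at enrolment, so no personal data is spoken. The shared key, the role labels and all function names here are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

CODE_DIGITS = 6  # short enough to read aloud on a call


def new_challenge() -> str:
    """Fresh random challenge chosen by whoever is verifying the other party."""
    return f"{secrets.randbelow(10**CODE_DIGITS):0{CODE_DIGITS}d}"


def spoken_code(key: bytes, role: str, challenge: str) -> str:
    """Code one side reads aloud; the role label stops a code being echoed back."""
    mac = hmac.new(key, f"{role}:{challenge}".encode(), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:8], 'big') % 10**CODE_DIGITS:0{CODE_DIGITS}d}"


def verify(key: bytes, role: str, challenge: str, heard: str) -> bool:
    """Check a code heard over the phone, using a constant-time comparison."""
    return hmac.compare_digest(spoken_code(key, role, challenge), heard)


def demo() -> dict:
    # Constructed sample key; assumed to be set up when the customer enrols the app.
    key = bytes.fromhex("00112233445566778899aabbccddeeff")
    impostor_key = secrets.token_bytes(16)  # a caller who never enrolled with us

    # 1. The customer (the called party) challenges first; the bank must answer.
    c1 = new_challenge()
    bank_ok = verify(key, "bank", c1, spoken_code(key, "bank", c1))
    impostor_ok = verify(key, "bank", c1, spoken_code(impostor_key, "bank", c1))

    # 2. Only after the bank has proved itself does it challenge the customer.
    c2 = new_challenge()
    customer_ok = verify(key, "customer", c2, spoken_code(key, "customer", c2))

    # A bank code repeated back must not pass as the customer's answer.
    reflected_ok = verify(key, "customer", c1, spoken_code(key, "bank", c1))
    return {"bank_ok": bank_ok, "impostor_ok": impostor_ok,
            "customer_ok": customer_ok, "reflected_ok": reflected_ok}


if __name__ == "__main__":
    print(demo())
```

A six-digit code only resists guessing if each challenge is used once and wrong answers end the call.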