Anyone know more about this BT "uk identity verification" scheme?

Ross Anderson Ross.Anderson at cl.cam.ac.uk
Tue, 18 Mar 2003 09:44:15 +0000 

Ian Miller:

> It's getting quite hard to take out new savings policies - except with your 
> current agents. I may be unduly cynical about this, but one aspect of 
> enforcement of these "regulations" (whether or not they're legal) is to 
> prevent (or at least deter) customers taking out new savings policies with 
> other agents, or transferring savings to schemes under different 
> administration.

The fundamental theorem of network economics says that in industries
where profitability is maintained by customer lock-in, the net present
value of your customer base is equal to the total costs involved in
their switching to the competition. If it were more, your competitors
would bribe them away; and if it were less, you could rack up your
prices.

This, I've argued, is the real reason Microsoft is introducing
Palladium - it will lock in Office customers even tighter, and thus
increase the license fees for which they can be gouged in future.

Making it harder to switch from one bank to another will have much the
same effect.

It's funny, isn't it, how `security' regularly gets turned into a means
of screwing the consumer. 

Airport security is twisted into a means of discriminating against
economy class passangers, so as to bully as many people as possible
into flying business. It didn't take more than a few months after 9/11
for Heathrow to re-open `Fast Track'. 

The electronic signature directive turned digital signatures from a
possible end-to-end replacement for the current banking PIN mechanisms
into a means for banks to dump liability for fraud on their customers.
But then they found they could do that anyway by changing the terms
and conditions for telephone and online banking, and scaling back
their other service offerings, so the customer got screwed anyway
without any increase in technical security.

The security mechanisms in GSM do not stop eavesdropping (as most of
that is done by the agencies), but by preventing 0900 scamsters from
cloning phones they created a huge market in stolen mobiles and thus
led to a surge in street crime. (Simon will recall that Caspar and I
warned Charles Clark back in the run-up to RIP that he should be
paying more attention to mobile phones than to key escrow. Were we
listened to?  No chance.)

And so it goes.

Ross