More on the "Identity Assurance programme "

Florian Weimer fw at
Wed Nov 2 22:32:20 GMT 2011

* James Firth:

> I know it doesn't need saying, but I am going to anyway. Given this, and the
> obvious commercial and cost-saving benefits to banks etc, why the hell is
> £10m of public money being chucked at the problem?

Doesn't EU regulation forbid electronic enrollment? And after that
step, why would a bank would want to rely on third party for a core
aspect of their customer interaction?

(In some markets, this is already a reality with one-time passwords
delivered by SMS.  I'm not a business guy, so I can't quite grasp why
anyone would subject themselves to the whims of mobile phone operators
that way.)

More information about the ukcrypto mailing list