It is very difficult to secure public facing systems. Most, if not all, solutions are designed and implemented using current technologies and are protected against known vulnerabilities.
The dark side has time on their side, and believe me they use it. Robert S. Mueller, when he was the FBI director (2014) is quoted as saying, “There are only two types of companies: Those that have been hacked and those that will be hacked.”
In 2010 according to Deutsche Welle, the German media portal, the Chaos hackers that include ordinary computer nerds, appeared to have cracked the PIN system on the cards, which then allows the hackers to impersonate the cardholder online.
India started their Aadhaar over 10 years ago as a voluntary program that was meant to reduce fraud in government programs, but according to a BBC report, “it has become virtually impossible to do anything financial without it.” Earlier this year (2017) Asdhaar was hacked by a clever university graduate that recognized one of the governments eHospital had relaxed security and was able to not only compromise the data, but wrote a Mobile Application to provide everyone the ability to verify sensitive information derived from the hack.
So this recent discovery, and fix of a security flaw that was recognized in the Estonia National ID (BBC News) re just others in the series of “known” vulnerabilities that are being discovered by the gatekeepers of your digital identity.
While we in Jamaica have been debating and raising questions about our own proposed National ID system and other existing forms of identification, we must be mindful that perfection is a state of mind.
Please feel free to share your opinions.
010101