, , ,

Passwords are not perfect and they can be surpassed in many ways, we are told. Unfortunately the computer geeks never give us a good alternative, and just being careful isn’t good enough anymore. Not long ago, my mother’s maiden name was considered a good security question by some institutions, but nowadays that’s obviously absurd because it is common knowledge available by simply Googling my name and going to the right sources. My first or second dog’s name might be a little better, because it isn’t posted online, but not much better, because back in the 30s and 40s there were far fewer personal names, especially for dogs, than there are now. Just going through the top 100 dog names will get by most security based on dog names. The other security checks are equally lame. Even super encryption of data is worthless if someone somehow gets your passwords. A dedicated sleuth can usually find a way to pry information from the most suspicious of persons. The hundred-year-old Sherlock Holmes interview techniques still work to get the information you seek.

In this imperfect world of security how might we hang on to the money and information we have and use it where we want without some Sherlock beating us to the goodies? Perhaps this method I am about to propose is already available, and if it isn’t it should be. What would retain most of our self control over our money and information would be a callback system from our usual places of transaction. For example, we could list the usual places at a secure online security service where we typically buy groceries: Safeway #1, Safeway #2, Trader Joe’s, Albertsons, and put a nominal dollar maximum at those places, say $100. If the checkout exceeded our number there would be an automatic call to our cell phone. It would ring right while we were in line and we would answer it immediately with a verbal id number. The GPS would verify our location within the store of the purchase and the number recognition would verify the password number and the voice recognition would recognize our voice. There could be a maximum amount we could take out in cash also, say $100. That could be done almost instantly if our phone was activated at the first scan of merchandise. Under $100 it wouldn’t even call us, because the phone was at an expected place of purchase.

Now, just supposing you were being robbed, the maximum you could lose would be the sum of the groceries and the cash, but it would be a foolish robber who would risk years in jail for such a trivial amount. Also, it would be equally risky for them to try to get the groceries and cash if they had stolen your credit cards and knew your passwords, because the voice recognition would alert the authorities, and without the clerk even knowing there was a problem the robber would be safely caught by the police when leaving the premises. There would never be a hostile situation until the arrival of the police, so there would be little chance of injury to you or other innocent people.

This is an example using common physical commodities and cash, but the same principle could be applied to all online transactions. This would reduce the chance of thefts and would make those that did occur relatively trivial and endurable. For larger transaction such as the purchase of a car, the process could be repeated using a second set of challenges both ways. Thus it would become multiply secure.

The world can be made safer and more reliable by cycled verification of transactions.