Over the last year, news headlines of compromised passwords and system vulnerabilities have continued to dent our trust in our Internet-connected computers, smart phones, networks, Certificate Authorities and software providers. A month ago, when the Heartbleed vulnerability was identified, some people claimed that this was the end of the great human experience called the Internet.
But great inventions don’t die just because security mistakes have been made. We trust seatbelts in cars and with new trust models we can build an even more powerful and secure Internet.
It begins with accepting that the static username and password for identification and authentication is not enough. And that networks, software and devices will never be free from hackers, backdoors and malware. Then we can then move our trust and login credentials to a small key, which we carry in our key-chain, and which is not connected to the Internet. Instead of trying to rely on vulnerable infrastructure, we set up a direct and secure link between the key and the application we want to connect to. And let the key change our user credentials every time we login.
In parallel, we are creating a new user centric trust model. Instead of relying on a single party for authentication to multiple services, we’re turning the model upside-down, where multiple services can rely on a single device. This concept of true end-point authentication is also the core idea behind FIDO Universal 2nd Factor, the open authentication standard that Yubico is spearheading.
Once you can purchase your secure online identity online or at your local store, and free and open source U2F libraries are published for any service to easily implement, the Internet will be a safer place. New, distributed, disruptive and lower cost trust models will evolve, empowered by billions of users.