Security card

From a poster at slashdot:

When the hell are security "professionals" going to wake up and realize that secure access to something requires three items: identification, authentication and authorization. You CANNOT store the authentication credential with the identification. It is 100% stupid to store the pin on the identification device. Authentication credentials and authorization decisions must be kept by, and made by, the service provider. The only item that should be left with the consumer is an identification badge.

For instance, a national "ID Card" is actually a good thing IF the only thing it has stored on it or about it is the owners identification, i.e. name and unique ID number. The ONLY thing the card should provide is a way to contact a national database/server which requires two things, the unique, public ID number from the card and a fingerprint (which is NOT stored or printed on the card in any way). The ONLY information the server should return is "Yes" or "No". But see... the fingerprint cannot be stored on the card in way for the same reason that the pin in the post should never be stored on the card. If somebody other than the legitimate owner comes into possession of the card then he possesses both the identification AND the authentication pieces of the puzzle and can do whatever the legitimate owner was authorized to do.

Now if only security professionals were involved in making top-level (government) decisions, we'd be set. Unfortunately these are made by sales and marketing people - the solution that gets implemented is the one that 'wins the contract', not the one that works the best... unfortunately security professionals and technical people do not make best salesmen. All too often a contract is won because of a good game of golf, or a sexy slide deck.