Following the news that the Government Digital Service (GDS) is testing ways to use people’s social media accounts to help prove their identity when accessing online public services, Lee Munson, Security Researcher at Comparitech.com.
Lee Munson, Security Researcher at Comparitech.com:
“In theory, the government’s idea of using social media accounts as a means of authenticating a consumer’s identity is compelling – after all, the vast majority of the population is now signed up to one or more of Facebook, Twitter, Instagram, etc.
“In practice, however, I am concerned that the increasing use of social sites as proof of identity could actually lead to an increase in identity theft.
“Given how many people re-use simple, easy to guess, passwords across all their online accounts, it would only require a data breach at one large social media company to leave an awful lot of people in big trouble.
“Imagine what an identity thief could do with access to your social accounts AND the government portals you have used. New passport? Driving licence perhaps? New claim for State benefits maybe?
“While using social accounts to prove who you are to other types of website may be an effective means of authentication, I for one would not trust an association between my Twitter account and the HMRC account I use to pay my taxes.
“Instead, I would actually feel far more secure doing things the old-fashioned way, sending documentary proof of who I am via snail mail which is a totally secure alternative… isn’t it?”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.