Protection of Personal Information


Found a provocative site, I particularly like the interview with Markus Sabadello where Markus discusses a Project Danube in the area of Personal Data Store (PDS). Fundamentally, a PDS is a secured, on-line store of your personal information. You control how a vendor may (or may not) access a portion of the information. Thus, instead of each/every on-line vendor to have their repository of your information, they can have none. I hope this works. I'd much prefer to have a single location that I can monitor and control how vendors use the information. For example, the current situation is like this: you go to a restaurant, have a nice meal, and when you're preparing to leave, your server asks "Charge to your account?" When you agree, the charge is done immediately and is invisible to you (unless you can and do access your charge account status regularly). But notice this dialog presumes the server has accurately authenticated you as the owner of your charge account. What if your evil twin "Skippy" was charging to your account. What's missing is multi-factor authentication. Besides your smiling face and winsome demeanor ("something you are"), were you required to show some ID ("something you have") or give a passcode only you would have ("something you know")? Most on-line sites only deal with the "something you know", passwords and credit card numbers. Any way, I'll need to track a few things. Here's a start:

These topics look like they are the wave of the future. I'm trying to head in that direction; I like to pay on-line purchases with PayPal, so only PayPal and I discuss credit card charges.