Metamorphs Journal: 2023

Thursday, April 13, 2023

IDENTITY VERIFICATION WITHOUT COPYING

Introduction

The verification of identity seems to be a highly flawed process, which every organisation appears to believe involves copying, including the Australian Tax Office. Yet no copying is needed, nor sighting, further more if the selected documents are used for identification purposes it hinders their proper use. The processes are also contradictory, as they require the same data to be both public and private at the same time. Everyone needs to stop building repositories of identity data, which are ripe for harvesting by thieves. The need is to verify identity, not acquire a copy of identity data. Not the least of which is, more traditionally, copying of such documents was considered illegal.

Security Key

To me the Australian Tax Office MyGovID application is fundamentally flawed. I don't have an issue with its use as a security key, other than a mobile phone, the purpose of which is spoken communications, is an overly expensive security key. Which item is treated with more care, house keys or mobile phone? A low priced USB security key on keyring with house keys likely more secure than a phone. The phone is only more secure assuming its security features used to prevent anyone else accessing. These features have tendency to interfere with use as a phone the primary purpose of the device. A smart phones security features may make it good in theory, but not in practice, it is not a quality robust design solution. Given such may as well make other options available: it is poor design if there is no alternative or backup technology.

Verification of Identity

However, the major flaw with MyGovID, is the process of verifying identity to use with the security key. The process involves copying, creating pristine digital images of identity documents. Pointing a camera on a phone at an identity document may be convenient, but it is also foolish and irresponsible. Around two or more years before MyGovID was introduced, I refused to give Paypal such copy of my identity documents, and I am surprised that the government is following such path of collecting copies. Especially surprised as I'm reasonably certain it was corrupt government employees during 80/90's who first exploited colour photocopiers to forge identity documents. To now give them pristine digital copies is insane.

Token Evidence of Identity Check

Maybe in the first instance as a consequence of World War 2 , and the cold war and the iron curtain, it was apparent employees could be corrupted and false identity documents created. So taking black and white photocopies of documents introduced, along with stamping these as copies, with the date and the signature of the agent taking the copy. Such copy providing token evidence of having viewed something resembling an identity document. If originals need sighting then these copies clearly not suitable substitutes. But as copying technology has improved, such copying no longer acceptable and should have been abandoned during the 1990's. For such copying to be continued using digital technologies is unacceptable.

The Optus breach would be less significant, if identity data had not been collected. It seems "as a tax office requirement", businesses are building repositories of identity data littered all over the place. Would expect the government to take the lead and demonstrate that do not need to copy identity documents or sight them, to verify identity.

Privacy Policies

Such copying is unacceptable and unnecessary. Whilst it is nice that the tax office and other businesses have privacy policies. Such policies are unfortunately no consolation to people who have their identity stolen. Most especially when the verification system is poorly designed and contributing to the theft of identity, due to predictable design flaws.

Identity Tasks

I'm aware of at least two different identity tasks. The first is verifying dealing with a real person, and real address, and opening an account and issuing an on going unique customer number (ID1) for the name and address. And attempting to connect an actual person (ID0) to that identity. The second issue is ensuring all future transactions (ID*) are with this same person (ID0), Most organisations issue plastic membership cards, with the unique membership number on it. These membership cards are not proof of identity, they simply allow transactions against the membership number: that is transaction ID* connected to ID1, not to ID0. One problem is ID1 can be stolen, but everything still points to ID0, as they are the one at the address or a previous address if the thief (IDx) has changed the address. If a problem occurs then seeking to find an actual person at an address. Not checking validity of addresses, and not checking occupation of the address, in the first place is a major defect.

Public Facing and Private Data

We can consider there is public facing data and non-public facing (private) . By public facing I mean the information is shared with a multitude of people: friends, relatives, businesses and government departments. Information on membership and identity cards have to be public facing to operate: the data cannot be private. Name and address are public facing but their association with other things is private.

Government Registers

All special documents/cards issued by the government are associated with a register and for a specific purpose. Use for any other purpose has the potential to hinder the proper use of the document. Presence on the register is based on a name, which may not be unique, but is made unique by an assigned number, and other data placed in the register. For on going transactions a physical address is typically required, where if we chose to look, expect to find the person inside the house at the address.

Interrogating Legitimacy of Documents

The government typically chooses to keep other information collected by each department, private and confidential to that department, unless there is good reason to share. Therefore all interrogation of the legitimacy of a document should only occur between the department which issued it and the person claiming the benefit conferred by the document. Exchange of data with any other party puts information where it does not belong. Collecting the data simply because do not have the imagination to consider how verification can be done otherwise, is not acceptable.

If a person does not have an original document, then they need to apply to the keeper of the register for a transcript. This transcript and copies should never be passed onto anyone else. It is clear that the keepers of the registers have to be able to interrogate an individual to the extent necessary to be convinced the person can uniquely identify themselves on the register: That is connect ID1 to ID0. However, possession of an original or transcript provides little evidence of anything useful: it is not proof of ID1 connected to ID0.

Therefore the registers and the keepers of the registers are important to defining identity (ID1), but have a problem connecting to the person (ID0). Keeping ID1 connected to ID0 is thus part of the problem to be dealt with.

Associating ID0 Activity with ID1

Our primary concern is that ID1 is unique within the community and all transactions by that identity are those desired by ID0. Therefore an important task is to get ID0 to associate all their activity with ID1, and will typically involve reference to transactions ID*.

Presence of Name on Available Registers

Since a name is on all the registers, it is clear that all the registers can be checked for presence and uniqueness of a name on the available registers, without disclosing any other information. If address is available then it can be checked, if and only if the name is not unique. As knowledge of presence on some registers may be a matter of privacy in itself., an individual needs to grant permission to check all the registers, When granting permission to check the register the person can also identify whether they expect to be on the register or not. For example not on Australian registers of births or deaths: because alive and born overseas.

Having checked multiple registers we know the name is in common use, but not that all uses are by the same person, or by the person (ID0) currently being checked. We therefore need the person (ID0) to get confirmation from the keeper of each register that they are able to defend their unique presence on the register. Also if necessary demonstrate they are not the person on a register.

For any organisation to get more information from the person to check against the registers would be unacceptable. The keeper of the register has to exchange the information. The keeper of the register has access to the information, the information is private to that register. It should be kept private to that register. There is no value to the data for identity and security purposes if it is littered all over the place.

Identity Confirmation Tokens

The individual therefore needs to apply to the keeper of each register and get a confirmation token of some description that they are able to defend their unique presence on the register. The collection of tokens are then linked to a single identity token. This token ultimately being a public facing identity card, potentially eliminating need for 100 point identity check as the identity represented by the card is routinely updated by an increasing number of checks against the use of the identity.

An identity card being created as it is a time consuming and inconvenient activity for all parties involved therefore only want to pursue the activity once.

Identity Check

So notionally defined an identity and assigned to a single identity card, and whilst built on checks against multiple registers, the card can be stolen or faked. It can contain a photo and a data strip, and a personal identification number(PIN) can also be associated with the card. The data strip contains information about all the checks made, the more checks made the more robust the identity. For person to person transactions, an 100 point ID card is likely good enough. Multiple organisations can be involved issuing ID cards complying to common standards, on condition no organisation ever takes a copy of identity documents. The only general purpose public facing identity data is that made available on the 100 point ID card. All other data is kept private, only shared with those organisations which issue the documents.

No Computers

A system could be designed which does not require computers or smart phones. The system needs either paper confirmation certificates or could use plastic/metal confirmation tokens/coins. However, the registers can be searched faster by computer, and restricted access to the data better enforced. Digital tokens also have potential to be more secure.

Remote Transactions

Remote transactions pose a problem as cannot see a plastic ID card, though it could have a built-in USB key, employ or employ NFC technology as in smart cards and stickers and tags. However, unlike face to face transactions cannot check face against the ID card: not that this is helpful if the card is fake. So problem is that ID1 is not permanently attached to ID0 and no one really wants the world of Cyborg 2087 and implanted trackers.

It seems drivers licences, and other identity documents are being used for over the phone verification. This is not sensible, it is a contradiction. Either the information is private or it is public, it cannot be both at the same time. If every business is making copies, then it is public. The original purpose of most of the documents also makes them public facing.

For traffic control purposes, it is likely that people will communicate required exchange of information by way of their drivers licences. Therefore one way to get information is through a minor car accident: the thief already using a fake identity. Such information is therefore not suitable for remote identification purposes.

Biometrics

Biometrics instead of implanting a tracker, make use of data already nautrally embodied in a person. However in the world of 3D printers it is questionable as to how robust these systems are. Furthermore there is still the issue of the data being collected and littered all over the place. So copying a persons features is no more acceptable than copying their personal identity documents. There is a difference between fallible human memory connected to multiple sensors, and a permanent machine record based on a myopic perception from limited sensors.

Using biometrics stored on single device belonging to the owner, and used as a key for multiple devices and systems is more acceptable. In this manner identity/biometric data is not scattered amongst multiple organisations nor on multiple devices. The one device is unlocked and activates a key to unlock other systems.

Transaction History

As indicated above if an organisation has a history with a client, there are therefore multiple ID* transactions which can be used to verify a person remotely. Most recent transactions not necessarily the best transactions to use as the use of such maybe the cause of a recent identity theft. Unfortunately historical transactions may not be readily available to individuals, consequently may take a few days to dig old information out and verify. The purpose being to determine a history of interaction between ID1 and an organisation, as recognised by ID0 and the organisation.

Computer and Smart Phone Technology

Increasingly smart phones and computers are acquiring increased security features which restrict access to the device or an account on the device. The tax office assumes one phone one user, which is some what unreasonable and doesn't reflect the real world. Many families just have one mobile phone and a landline, there is no need for everyone in the household to have their own mobile phone. Businesses have landlines, most businesses are small business, and they didn't have one phone to one person. If anyone in the business has a mobile, it is most likely their own, and not supplied by the business. So have two issues individual not wanting their phone contaminated with business software. Business owners not having control over individuals personal devices.

Tax Office Problem

The tax office's problem appears to be that any individual can log onto a computer and onto tax office systems. This is because in many businesses, employees likely do not have their own computers, nor do they have their own computer accounts/profile on a computer. So once a person had access to a computer a person had access to the Auskey granting access to the tax offices data. Unless using an Auskey on a usb stick, in which case only the person with the USB stick should have been able to access. Of course anyone could be granted access to use the key. But had the advantage that the usb stick could be taken back and the Auskey cancelled. Thus usb sticks a visual reminder of how many Auskeys a business was using. Though I'd hazard a guess the contents of the USB stick could easily be copied, but as long as the Auskey cancelled once an employee changes roles, should not have been a problem.

However, the expectation with MyGovID is that only one person using the security features of a smart phone is able to unlock the phone and gain access to the security key provided by MyGovID. However it does seem like the security features of a computer, laptops especially, and system accounts, could equally well be used to limit access to the tax office systems. One computer with multiple users, and each account having its own digital key. In large organisations people not always using the same computer, they can log onto any computer, and their profile follows them, therefore the digital key would have to follow, it cannot be machine dependent.

Irritating 2 Factor Authentication Using a Smart Phone

So enter the irritating 2 factor authentication either using a mobile phone and codes sent by SMS, or other methods such as using symantec VIP on a desktop or google's backup codes. At least google recognises may not have phone with you or switched on and provides an alternative. The tax office suggests that the SMS messages are not secure, and that new smart phones have improved security for the communications.

So once MyGovID is setup we supposedly have a secure digital key for remote transactions. Using a smart phone we don't need a special reader for a keycard, and unlike a simple usb key supposedly only one person can use the key. All seems reasonable for on going transactions and especially remote transactions.

MyGovID Primary Defect

The big problem however is that to set up MyGovID everyone foolish enough to do so, or otherwise coerced by the tax office, has given their identity away, and the tax office servers are now ripe for harvesting. No point harvesting them when little data there.

Copying and collecting of identity data is not verifying identity, it is not making transactions more secure, it is creating more sources of identity data and making peoples identity data easier to find and steal. So MyGovID would be good if it didn't place our futures at risk.

MyGov Primary Defect

On the other hand MyGov connects multiple government accounts to a single account, but otherwise fails to confirm and create a single secure identity. Furthermore various government departments may still ask for copies of documents to conduct a 100 point identity check. Thus creating even more repositories of identity data.

Use of MyGov to Interrogate Government Registers

Yet MyGov should be carrying out adequate interrogation to connect a government account to a single user account, and as it does so generating a firm identity for a given user. In other words MyGov needs more government accounts available for connection so that can generate a firm identity. That is so that a user of MyGov can check themselves against the various government registers, be appropriately interrogated by the keepers of the registers and receive an appropriate confirmation token against such register. The more government accounts a person can link or otherwise confirm against, the stronger their identity.

So in the first instance, simply create an account, such account is not associated with anyone. Just a user name, and/or email address and a password. Once the user provides their full name, approval can be granted to search all registers for their full name. At which point they can be notified as to their presence on the register and as to whether they are unique or not. If not unique then they can do further checks against those registers to uniquely identify themselves. Once uniquely identified on 3 or more registers then the user can proceed to the process of unlocking access to the various accounts and linking them to their one MyGov account. {3 or more := birth/migration + electoral roll + medicare + taxfile } Those registering for services for the first time may have problems, but they likely have an education, and the education department should know they have attended school. So it maybe necessary to connect both federal and state government departments to the one account, and possibly certain private enterprises. Thus MyGov creates a confirmed identity with out ever copying or sighting issued documents. This identity then needs to be secured and usable: that is making the identity usable as a security key the way MyGovID is meant to be.

Flawed Verification Process

The tax office approach requires they, banks and various other organisations acquire copies of identity documents such as birth certificates, drivers licences, passports, citizenship certificates, Medicare cards. If they acquire copies the document is no longer unique, and the data is no longer private. And as they are now largely acquiring and checking digital copies, it is possible that no original is ever required. So the process is flawed. It may be believed that not possible to inject fake data into the communication stream, but it does seem feasible to by pass a phones camera and inject into the camera's memory. I believe a criminal organisation would only need to modify one phone, and swap sim cards to create multiple identities. If they cannot get digital images then they cannot do that. If digital images of identity documents are not used then they cannot do that. If the documents selected as identity documents are not used then they cannot do that.

The system described above is not using identity documents it interrogates the individual once to create an multi-use identity card/token. That identity card can be questioned requiring further confirmation of the connection of ID1 to ID0. But under no circumstances does the party requiring the confirmation get to see the other identity documents.

General Use Identity Card (100ID)

To clarify further the 100 point ID card (100ID) can be checked by anyone for any purpose. The police can check the drivers licence and 100ID card if they wish, or just the drivers licence. Customs can check passport and 100ID or just the passport. But no one else can check a drivers licence or a passport, as these are not general use identity documents, they are created and issued for specific control purposes, and such purpose should not be hindered by alternative uses.

So confirm identity but do not contribute to theft of identity by building repositories of identity data and passing such off as verification.

Arresting People

Who is the tax office going to arrest for failing to confirm identity or acquire an identity token. Either a person is not identified or they are. If they are not identified then cannot arrest as do not know who the person is that is to be arrested. If can arrest then have identified and confirmed the persons identity, if confirmed the persons identity then no just cause to arrest. Whilst can arrest someone, take a photo, assign a reference number and leave all other details blank. However it is not acceptable to arrest someone simply because they do not have any form of identification. Nor is it acceptable to arrest someone because happen to be an arrogant all powerful organisation which is only capable of confirmation of identity by creating a copy of identity.

Revisions:
[(13/04/2023)] : Original

COPYING IDENTITY DOCUMENTS IS NOT A VERIFICATION PROCESS

I have an issue with the general copying and collecting of identity data passed off as an identity verification process, by all businesses (eg. Paypal, banks, Certsy), and especially government departments such as the Australian Tax Office (ATO), and Centrelink. The reference to its a tax office requirement could also be considered and coercion or abusive use of power. The ATO is potentially responsible for all data breaches such as the Optus breach.

Centrelink Identity Check

After an heart attack in 2018 I was advised to seek a health concession card, centrelink required my identity documents be submitted, this could be done via MyGov. I reluctantly and unwillingly submitted via MyGov, I submitted "everything but the kitchen sink", the response was not enough information. It currently indicates there is no history of my ever submitting documents. I don't trust them. As far as my memory goes, sometime back in the 1980/1990's the DSS/CES introduced A3 colour photocopiers with collation memory, that collation memory was used by corrupt employees, after hours, to produce passable replica's. This copying activity should have stopped back in the 1990's, instead it seems to have increased.

Traditional Copying

My understanding is that attempting to copy official documents issued by the government whilst not itself illegal the potential use of the documents in a fraudulent manner is illegal. The original A4 black and white (B&W) copies taken by DSS/CES, stamped in red ink with the word "COPY" , dated and signed by the representative of the DSS/CES who witnessed the original, was acceptable, as originals need be sighted and the B&W copy was not passable as an original. The copy, basically being taken because employees not trusted and the copy is token evidence of having seen something resembling an identity document.

Copying Technology

However, once copying technology had reached the stage of being able to produce passable replica's the copying of identity documents should have ceased, that is some time around the 1990's. Instead today pristine digital copies, which can be used to produce passable replica's, are being littered all over the place. {AI technology detecting fakes is irrelevant}

Paypal

Around 2 years prior to the ATO introducing MyGovID, Paypal requested digital copies of my identity documents, indicating it was a tax office requirement. I refused to provide, and provided them with explanation why and informing about the traditional B&W copies. I also explained they had already verified my account through my linked bank account, which already required a 100 point ID check in person, to get. They indicated they would verify my identity by other means. I still have two Paypal accounts, though the business account I'm not certain is fully operational, but I have little use for it, so not overly concerned at the moment. {I did have a few dollars seemingly trapped in the account, but I have recently transferred.}

ATO Secure Access

The ATO introduced MyGovID and discarded Auskey. As the application is not compatible with my phone, and to me a mobile phone is a useless piece of electronic junk running poorly written bloated software, its only purpose is spoken conversation, I have no intention of updating it simply to use as a security key. Consequently I lost access to the ATO business portal and processes became inefficient as now I need to operate via an accountant. Apparently accountants, financial advisers and tax agents are not very responsible as they appear to have mindlessly complied and verified their identities with MyGovID. Needing to use a smart phone as an over priced security key, is irritating but something I could ignore and detour around.

Though lost faith in accountants ability to act in the best interests of their clients. On an accountants forum all the accountants seemed to be concerned about was updating the phone, the cost of the phone, and the security features of the phone, no thought of how the phone is used. It seems anything on a mobile phone is seen as "cool!" and convenient, rather than stupid and irresponsible.

Smart Phones and Software

The need to use a mobile phone in conjunction with a computer is getting to be annoying. Quite frankly I have little use for a phone, and consider it an unnecessary expense and have little intention of replacing when my current phone stops working. It spends the majority of the time switched off. I like computers, but I hate phones of all descriptions. When I got a smart phone, I thought it had potential as a portable computing device, it has however never demonstrated any value as a computer. Not the least of which there is generally only one way to get software onto the device. The constraints imposed by Google and Apple are unacceptable. A smart phone should be a personal computing device, and not require software from a public repository, nor require software be placed in such public repository.

The constraints on the public repositories operated by Google and Apple is the one major reason why the ATO MyGovID application is not acceptable, since if it is not compatible with your phone and cannot be installed then google play will not permit comment. But MyGovID is an imposed piece of software by a government department and its very concept and nature is flawed and needs to be discussed, criticised and interrogated, and has little to do with whether the software does or does not work. To a certain extent the ATO covertly introduced this infringement of rights: theft of data from other departments which they would otherwise not be granted access to. Copying documents is not verification.

There are other means of multifactor authentication with out need of a smart phone: such as googles backup code numbers and symantec vip access, and usb security keys.

ATO Directors ID

Then the ATO introduced the Directors ID, this requires MyGovID to "verify" identity. Now I cannot avoid the issue. There was a voice phone option, so I was willing but reluctant to go along. I tried the phone option, and got an extension of time as phones busy. There's a telling clue. I eventually get through, and over the phone they failed to verify my identity, But they did collect data from my citizenship certificate: suspicious. Which all seems likely an highly defective process, since it suggests only need data from the document, which could come from anywhere. As failed to confirm over the phone I was sent letters requesting I send certified copies.

Copying Identity Documents & Exchange of Data

I am not placing my identity documents anywhere near a photocopier, scanner, or camera. The only scanner acceptable to me is that operated by the department which issued the documents, and only with respect to the purpose for which the document was issued. The only exchange of data acceptable to me is with the department which issued the document.

Legitimate Access to Data

The various government departments do not share data,. If the ATO had a legitimate reason for such data then they would have it already. They do not have legitimate reason for the data, and they are not getting it from me.

Verification Process

This verification of identity process is total nonsense. They are copying identities they are not confirming or verifying anything. They are simply building repositories of identity data ripe for harvesting and thus contributing to the theft of identity. {eg. Optus breach}

The 100 point ID check does not require copying or sighting any of the specified documents. Furthermore possessing the documents is not proof of anything useful. Whilst sighting of the documents by persons not involved with the intended purpose of such documents is also not proof of anything useful.

AI Technology

Customs and immigration using AI technology to detect fake passports at border crossings is a reasonable use of AI technology. This is because fake passports along with corrupt employees diminishes the value of the passport and interferes with its proper purpose. The department/s which issued and otherwise employ the document are doing the checks to fulfill the proper purpose of the document. Consequently their activity does not interfere with the proper use of the document.

Furthermore given the number of people processed daily, it is unlikely they would waste resources storing the scans long term, and have little need to do so, as they already hold the information which is on the passports they issued. They really only need to keep a check on arrivals and departures, in each direction, and keep for a short time afterwards, and only data about suspicious persons retained for longer periods.

Other organisations scanning the document is not acceptable.We have no control over their use of the digital image generated, and they do not otherwise hold the data on the document, and have no "right" to such data. The digital image generated has potential for use in producing fake documents and therefore interferes with, and hinders, the proper use of the document.

The proper use of a drivers licence is traffic control, the police scanning it for such purpose is acceptable, anyone else scanning it is unacceptable as hinders the proper use of the document. It is also to be noted that data cannot be public facing and private at the same time. During an accident the required exchange of information is likely to occur via the use of a drivers licence, the information is therefore public facing. As the data on a drivers licence is public facing it is no value for confirmation of identity over the telephone. Copying the licence with a smart phones camera is not a transient observation and is not acceptable.

Identity Cards

If other organisations have issues with identity then they should issue their own identity cards, and security keys, to suit their purposes, not hinder the proper use of those cards issued by others.

Tax Office

If the ATO is not happy with tax file numbers (TFN) attached to just about everything, and wants a photographic identity card then it should issue one. Or simply issue a card similar to the Medicare card, with TFN on it.. Instead of useless piece of scrap paper with TFN on it.

Identity Checking

So the ATO is not in the business of identity checking. In which case why was it permitted to introduce MyGovID? Other businesses for which the 100 point identity check has been imposed are also not in the business of identity checking.

National Identity Cards

As I recollect back in the 1970's the population opposed the introduction of national identity numbers and photographic identity cards. The government got around this by having the TFN assocaited with various customer accounts with coercion of increased tax if do not do so. The state governments introduced photographic drivers licences, with explicit disclaimer on them that for traffic control purposes.

Smart Phones

It was clearly apparent with the introduction of mobile phones, that an alternative national and international ID number had been introduced (the phones number), followed by GPS tracking and audio/video surveillance of a person becoming possible. But this is not simply an invasion of privacy, it places the security and uniqueness of a persons identity at risk. All this abstraction of identity is not the person. {Biometrics is just another abstraction, and 3D printers are liable to make that unreliable.}

Secure Identity

So we need secure identity and we need an organisation to trust to create and secure such identity. But at the same time we do not want national identity cards. The issue is that certain information should be private and confidential to certain organisations and should not be shared by anyone. Only name and address are public facing: with an hopeful expectation we can find a person with the given name at the associated address inside the main dwelling.

So the 100 point ID check, and MyGovID are all hazards to the security of individuals unique identity, rather than safeguarding identity, the processes currently employed are defective and contributing to the theft of identity and these defective processes need to be stopped. That includes terminating the use of MyGovID for identity checking, its use as a security key is another matter. Similarly it is unacceptable for justices of the peace to provide certified copies. Copying is not acceptable.

Revisions:
[(13/04/2023)] : Original

Saturday, February 04, 2023

Proof of Identity Nonsense and Directors ID

To start with full identity is embodied in your flesh and blood, and cloning you would not be considered acceptable. Therefore if your identity is abstracted to a pile of scrap paper, it should be considered unacceptable to copy such documents, and unacceptable for information to be retrieved from those documents and stored.

The only acceptable copy and store of such information is the original register of record when the documents were created.

Documents may need to be sighted, but they should never leave your sight or be touched or handled by others. You want to be certain that the document you walk away with is the exact same document you arrived with. You should not want any kind of document swapping, copying or scanning to take place.

Mobile Phone Apps

You should not view mobile phone apps as convenient and cool. Just point phone camera at drivers licence and get identity verified is not cool, it is irresponsible and foolish. The drivers licence is not an identity card its only purpose is traffic control, if not dealing with a traffic control issue then no one has a right to see your drivers licence or record your licence number.

National Identity Number and ID Card

During the 1970's the Australian population voted against national identity numbers, and the introduction of a national photographic identity card. I'm not sure whether it was an actual referendum or preliminary survey which indicated no point to a referendum: but the dominate view reported on the news was against the idea.

So tax file numbers became attached to just about everything financial, and identity cards covertly introduced by way of the states introducing photographic drivers licences. And whilst the drivers licence explicitly states for no other purpose other than traffic control it is increasingly being used as a general identity card. Those without a drivers licence then find themselves at a disadvantage. Though the vast majority of the identification requirements are unnecessary.

Back of Drivers Licence

PAYPAL

A few years back Paypal requested I send them digital copies of my identity documents to verify identity, as it was a requirement imposed by the tax office. I refused, I still have my paypal accounts (personal and business). Amongst other things I pointed out that they had already verified my bank account, credit card, and I had already done the identity check in person at the bank, and therefore why does such linked facility require additional identity check. I also declared that they did not have a right to a digital copy of my identity documents and that receipt of a digital copy was not confirmation of identity.

TAX OFFICE AND MYGOVID

Then a few years later the tax office introduces this MyGovID garbage. This mobile phone app, is apparently defective, and people are complaining that their documents are not getting verified, and the response is typicallly that they need to submit pristine copies of the identity documents. The MyGovID app is not compatible with all phones, so to use people would need to get a new mobile phone.

At the time I checked out an accountants forum, expecting that this app to be criticised as a seriously defective concept. Instead these idiot accountants were arguing about looking after clients best interests and updating mobile phone to get latest and greatest security fixes. If these imbeciles were truly concerned about their clients privacy and security, they wouldn't be jumping on the bandwagon of the latest piece of mobile phone junk. Instead they would put brain in gear and avoid using mobile phone junk. Software which is updated, daily, weekly, monthly and yearly is poorly written junk, it is not minimum viable product (MVP), and the security updates are a joke. The software is typically written using bloated libraries, and that bloat of unnecessary features makes it both a privacy and security hazard.

MYGOVID : DEFECTIVE IN CONCEPT

But putting the defective software aside, the MyGOVID concept itself is defective. First it is only available on google play, where only people who are able to download and use can comment. So no opportunity to criticise the concept: this is completely unacceptable for software imposed by the government. This is not optional software, there is no alternative.

No one, absolutely no one, should be providing a digital copy or even paper copy of their identify documents to any organisation, not even under the coercive cloud of tax office powers. Using your mobile phone may be convenient, but it is not proof of identity.

All the digital copies uploaded elsewhere can be stolen and used to create false identities, as only digital copies are being used for verification. I should imagine a criminal organisation would only need to hack one mobile phone, to create a device which bypasses the camera, and injects a digital image into camera memory. The sim cards are used to identify the caller, and these can be replaced as needed to create as many identities are desired from the one phone.

PAST PROOF OF IDENTITY

In the past, identity documents were photocopied using A4 black and white (B&W) photocopiers, the DSS/CES for example took such copies and then stamped in red ink with the word "COPY" and the current date, these were then signed by the agent processing the information. It seemed innocent and acceptable, but why did they need the copy? Well the past indicates that such employees can be corrupted, and so the B&W copy was token evidence that something resembling an identity document had been seen.

PHOTOCOPIERS AND MEMORY

However, sometime during the 1980/1990's colour A3 photocopiers with collation memory were introduced. Few people understood the advanced collation features of the copiers and also little actual need for such features. Corruptible employees used the collation memory to store copies of identity documents then after hours printed off replica documents. The situation became worst when, the photocopiers became combined, copiers, printers and scanners attached to computer networks and desktop publishing software. Now they went beyond cloning to more fully forging documents. Then came wireless networking.

So by the 1990's it was no longer sensible to trust identity documents anywhere near a photocopier. Problem is that the number of organisations required to conduct identity checks increased, and the number of people wanting to copy identity documents increased, and everyone seems to have nonchalantly and compliantly fallen into line, allowing such copying. Yet we should have opposed from the beginning.

VERIFYING VERSUS COPYING IDENTITY

Not one of these organisations has any reason or need to hold a copy or record information from your identity documents. There should be no copies of the documents or copies of the information floating around anywhere.

Verification of identity is a process, and is transient. It basically requires checking transient data against a read only database. A database which cannot be copied. So search data can be passed to the database, be checked and discarded. The only data stored being the response from the register which has been checked. The register keeping track of all enquiries made and the source of such enquiry. So the only data being permitted to be recorded is with the original register of such information.

The only information any organisation should need to store is your name and address and the unique client number they assign to you. Most organisations don't even need this information, they just need to check one piece of data to make a decision. For example check age to allow into a venue, who you are is irrelevant. For other situations, the organisation simply assigns an identity number to you, and again who you are is irrelevant. So no name, rank and serial number requirements : all that is relevant is the serial number. Think about that, we are being imposed on to provide more information than a soldier would be required to supply during war.

Now take the directors ID, what value is it? I didn't need one last year, and I doubt it will be any use next year or any time in the future. I'm also fairly certain that the tax office will be held accountable in a few years time for making it easier to masquerade as a director, as they have turned complex identity into a simple number which can be easily stolen. But not to worry because the tax office puts the burden of protecting this worthless and dangerous number on the people they assign the number too. Ok! So have a responsibility to protect identity, no problem. So Dear Tax Office you are not getting copies of my identity documents: verify identity yes, receive a copy of my identity, no #$@!% way.

EXAMPLE SITUATIONS

So you go to the bank to open a new bank account or to the post office to organise a passport. So what happens? You need the 100 point identity check. Two major identity documents are Australian birth certificate or Australian citizenship certificate. Obviously if taking out Australian citizenship don't have such certificate nor Australian birth certificate, however expect department responsible for this to be capable of processing foreign birth certificates.

Now the bank should not need a copy of your identity document, nor need to record information from it. Your account is opened based on a name and current address. There are thus two bits of data to verify: the name and the current address. The address can be verified by visiting the address and talking to the person inside the house, not someone in the garden. The name is part verified by sighting identity documents: such as birth certificate and citizenship certificates. However additionally a collection of documents with their name and address also gives some evidence to their use of such name and address: a problem if they have recently moved however. Changing address seems to be a problem. But again address can be verified by visiting the address.

Now passports are a problem because the Australian Post Office doesn't do anything other than take a photo, collect copies and pass onto the appropriate government department. So it maybe seems reasonable to provide copies, however it is not. Again the primary issue is to verify use of name and address.

The Tax office doesn't trust email, or paper post, but seems to believe telephones are secure, and that the piece of electronic junk that is a mobile phone is exceptionally secure.

I recollect during the 1970's the government indicated it would decentralise and make services more local, instead it centralised everything at the end of a telephone in another state, and for all we know these days it could be outsourced to another country entirely. The car, telephones and internet are putting services more and more distant, and thus generating a need for remote identification.

BUYING MOBILE PHONES

To buy a mobile phone in Australia you need to provide a name and address, for the most part this is for on going billing purposes. Not everyone has a personal mobile phone, nor do they have a desire for one, it is therefore unacceptable to create systems dependent on such electronic junk. Further more I don't recollect a requirement for a 100 point ID check to buy a phone, so a mobile phone number is not a verified identity. I do recollect opposition to the idea that retailers should become responsible for such identity checks, before selling phones. So I believe no such system has been implemented.

Secondly if buying a phone with prepaid credit, why do you need to provide name and address? There is no on going billing, and simply a number on the network. Do we care who is using the number? For the most part the answer should be no, there is no public telephone directory for mobile phones as there is with landlines. Mobile phone numbers seem to be more private than private landlines: though doesn't stop unwanted phone calls from salespeople and scammers on either.

Also whilst some people do not have mobile phones, others have more than one mobile phone. Further whilst some people seem to think they need 24 hour access to the world and always have their phone on, others switch their phones off and do not consider it acceptable for others to have 24 hour access to their life. Needing to switch a mobile phone on for two factor authentication is annoying.

However using a mobile phone is probably more convenient than a separate device for identity checks. But if the mobile phone is to be used for identity check, then the identity of the user needs to be verified and that is a problem.

THE OPTUS BREACH

Just back tracking. As I indicated earlier, the population voted against national identity number and identity card. This same population has adopted mobile phones for just about everything. They have essentially accepted a national and international identity number. The phones have camera's and gps tracking. People plaster their faces and activities all over social networks. Someone asks for identity check and they go cool phone app and give their identity away.

The most concerning issue with the Optus data breach isn't that the servers were hacked and that data was stolen, the real issue is the number of people who were so willing to give data to organisations in the first place. To organisations which had no need or right to collect or store such data. The only organisation which needs to know your drivers license number is the government department which issued the licence and responsible for traffic control. The only organisations which need to know your Medicare number is the government department which issued the number and the organisations providing health services. These organisations have an on going use for the number.

Other organisations do not need to record these numbers or store them, all they need do is use to confirm your name. In the main this can be achieved by sighting the document. Taking a photo with phone camera is not sighting the document. Giving the number over the phone is not sighting the document.

If all that is required is to give numbers over the phone, then anyone who has collected the information, is able to masquerade and use the identities they have collected. Which is why it is acceptable for them to sight the document but not copy or record information from the document.

IN PERSON

So want to do things remotely over the phone or the internet or maybe even in person. Say change bank details. So go into a bank to change details of existing bank account. To do that need details of the bank account, which could be stolen from a letter box. The real owner therefore won't have the most recent communications from the bank, but they should have plenty of previous communications. Changing the name of the account would require 100 point ID check on new identity, changing the address would require verifying the new address. Again visiting the address is preferable, but admittedly they may not want to travel 150km to do so.

Now a change of address likely results in a change of landline, whilst email addresses and mobile phone numbers are likely to remain unchanged. Addresses, email addresses and phone numbers are for the purposes of communication, so passing these onto people wish to communicate with is not a major issue. Using these numbers and addresses for security purposes is thus not sensible. However there is potential to use communication channels to check that the person seeking the change is actually present in the office or is actually elsewhere.

If the request to make a change is by post, email or phone, then a response can be to check other channels of communication and request visit the office. Again travelling 150km is not desirable for either client or supplier. Therefore need to rely on the channels of communication.

CHANNELS OF COMMUNICATION

Now the channels of communication are a problem because they can be intercepted or redirected, on the other hand websites and email can be provided with some protection, via SSL. In the main however websites are protected by SSL, and I hazard a guess if SSL is used for email it is only on one side of the communication namely the supplier. So websites and browsers the preferred approach.

GOVID CONCEPT

So MyGov versus MyGovID. So MyGov is not considered secure. But why not? So anyone can create an account with any organisation, using any unique name. So say we have website GOVID, we create an account user name disenchanted2023. We now have a user name and a password to connect to an account, the account has no information attached to it. We provide a phone number for 2 factor authentication. We further make use of something like Symantec VIP access to go from 2 factor to multifactor authentication. So hopefully only the person who created the account has access to the account.

But as far as the computer system is concerned we are a nonentity, a nobody a nothing. But this nobody would find it difficult to exist within the nation without having interacted with some government department. So birth certificates, citizenship certificates, immigration visas and passports just to name a few documents at entry to the nation, and then there are tax file numbers.

So want to link tax account to the nobody account, so all really need is the tax file number as the tax file has all the associated information. But anyone could have the tax file number. On the other hand we don't want to waste time keep typing the same information into the system. So we setup the account with relevant information: name and address. To link to the tax account, the tax file number is provided to access and check, but not saved, and the other information is also checked against the tax account. If verified then the tax account has the potential to be linked to the nobody account but such is not automatic. Additional questions can be generated from the tax accounts which the user maybe able to check using their past communications with the tax office, such as returns. After this verification still not connected, it is simply pending.

The user goes through this process with various other state and federal government departments, with all the accounts left pending. All these accounts being verified against the same name and address details registered in the nobody account, that is they weren't changed between linking accounts. With 3 or more pending accounts all the accounts are checked once again in one batch to confirm all are based on the same name and address details. As each is verified, identification progresses, when all are verified then each accounts accepts verification of identity and all accounts are connected.

The basic accounts being, concerned with register of births and deaths, register of migration and citizenship, tax office, electoral register and Medicare. No information from these registers is stored in the nobody account, but all the registers have a record of the nobody account accessing and searching the register. Once the accounts are verified and linked, then the nobody account is a somebody account. From this point on other accounts can be added based on the already verified identity: which may include checking all existing and new accounts as a batch.

TAX OFFICE AND COMPUTERS

For the tax office to scrap the computer based Auskey and replace solely with a piece of junk which only works on a mobile phone is not acceptable. Mobile phones are poor computing devices, whilst they can run accounting software, it is unlikely to be acceptable for book-keepers and accountants to spend all day working on a mobile phone: they will do their real work with a computer having a decent sized screen and keyboard. Whilst the phone is only being used for registration and log in purposes, it is questionable as to why the system is not also available via computer. If computers lack security then that suggests we should be doing the work on the phone, and I've already suggested that mobile phones are an unsuitable piece of junk. {NB: May have noticed I hate phones and I really hate mobile phones. Mobile phones are not personal computers and are barely programmable to suit the users needs, and the operating system is generally a hindrance to accessing the phones content. The software on phones is typically bloated and poorly written: junk.}

As for hi-tech nonsense: biometrics, such as facial recognition, finger prints, voice prints. So your face has to be scanned and compared against something right. The something is stored data. Is it sensible to allow such data to be stored everywhere and anywhere? I suggest not. However, assuming that the data is stored on the mobile phone and only your face can unlock the phone, then maybe the data is secure, if you exclude future access to the data from concept of security. Personally if I can't access my own data then its not secure, and anything which poses an hindrance to such future access is not acceptable.

Any case the security features are used to access the phone, and then the phone is used to access other services. The other services are only concerned with their own access codes, do not make use of biometrics of store any other unnecessary and unacceptable data on their systems.

So newer phones have enhanced security features and encryption, whilst anyone can potentially access a computer at work as not all businesses create user accounts. But not all phone users enable available protections on their mobile phone. So phones are no more secure than computers. So use a computer to access the government services, but log on identity verified by the users mobile phone. Seems reasonable but why does the initial identity verification need to occur using a mobile phone, with a piece of junk software which only operates on the newest phones? I will hazard a guess it does not have anything to do with security. It is purely do do with incompetents using bloated software libraries which only operate on the newest phones. The bloat is a security hazard. If they, the developers, could actually program then the bloat would disappear, and the software would operate on vastly more systems, would be faster and likely more secure. {NB: Consider security updates are mainly patches to block things which shouldn't be there in the first place. With real security update software would get smaller and smaller until it only comprises of the code for the task at hand, no surplus code for capability not apparent to the user.}

There is thus need to verify identity without copying or recording of such identity information. It should also be possible to do so without something as expensive as a mobile phone and also without the on going expense of operating such mobile phone. The tax office believes MYGOVID acceptable because cheap mobile phones available for the purpose. So business can get new phones for the purpose. But this neglects the cost of operating the phone solely for the purpose of tax office needs. People have no need to update their mobile phones. Sure new phones have more features, supposedly improved capability and improved security, with increasingly different user interfaces (UI) which serve no benefit over the UI that you already have and likely provide a more irritating user experience (UX). Also people are not buying new phones because they want new phones, but because their current phone made inoperable by the software developers keep automatically pushing increasingly bloated updates. Create addiction, dependency, make a product like water which your life depends on, keep them hooked into buying again and again.

So cheap mobile phone and service, which solely has the purpose of a security device is not cheap enough. Whilst replacement for actual phone, is too expensive. Further why is my phone suitable for 2 factor authentication with every other organisation, but not the tax office? I'd want my bank account more secure than dealings with the tax office. To me the annual tax returns are a waste of time for employees: either you paid the right tax during the year or you didn't. If didn't then adjust and bring into alignment next year. For business, either do tax annually or more frequently, with computers it is potentially possible daily. Tax office systems seem obsolete immediately they are implemented.

PRIVACY AND SECURITY

The government and society have now had some thirty years to find a way of verifying identity with out the need to copy identity.

As indicated above in the past it was apparent that people assessing identities, may lie about the validity of identity information or having sighted identity documents. So taking a black and white photocopy of identity documents providing token evidence of having sighted a document resembling an identity document was adopted. So the person doing the assessment gets a defence, but such copying poses a hazard to the owner of the identity. This hazard was realised when colour photocopiers with collation memory introduced, and started being used to copy identity documents. Copying identity documents should have stopped.

But simply preventing copying documents is not enough. No information should be collected from identity documents and stored. If identity is to be abstracted to a pile of scrap paper, then that scrap paper needs to be protected. If identity is to be abstracted to a chunk of data, then that chunk of data needs to be protected. We need to retain sovereignty over our identities.

Now identity cards were opposed in the first instance because it gave impressions of a police state and restrictions on doing anything. The current problem is that there are already restrictions and identity is becoming increasingly easy to steal.

But a major part of the problem is that the 100 point identity check involves organisations across the country collecting and storing identities, when there is no need to. These identity stores provide a source of identity information which can be stolen. No need to steal from the owners address, can steal from any organisation.

The legal requirement is to verify your identity not take a copy of your identity. Verification does not require a copy of your identity. However the next problem is that the organisations need evidence that they have verified identities.

ORGANISATIONS NEED EVIDENCE OF IDENTITY CHECKS

It is imposed on various organisations that they conduct identity checks on customers, and further that they have proof of identity checks. They transform this need for proof into a need to copy identities. This copying of identities poses a hazard to the legitimate use of such identity.

So lets do this with paper. Fill a form in with information to search a given register. No carbon copy or other copy is taken of this form. It has a tear off strips which identifies the unique number of the form, these tear off strips are sent to various people, the purported owner of the identity gets one, the organisation keeps one.

One is sent to the government department with the register, the register is checked. Another tear off strip is returned with the response: reject or accept. The government department keeps the form, which only contains information the department already has. The other organisation has token evidence of having made an identity check. Every receipt can be verified with the associated government department. The transmission slip could be faked, but not interested in transmission, only that the transmitted data was verified or rejected. With paper this is likely to take a few weeks. With a computer a few seconds to minutes.

Now the problem is who filled the form in? It would be preferable that only the person needing their identity verified fill the form in and posts them off to the departments with the appropriate registers. So the organisation with need to verify identity never sees the identity information. They just receive slips with the accept or rejection of the register check.

So essentially a person requests the keepers of the registers to send verification tokens to the organisations seeking verification of their identity. The keepers of the records keep a record of the requests. So information is only passed to organisations which already have such information. As it is paper based, all postage is by registered mail and secure courier. Special envelopes can be used for the purpose, resulting in the mail being handled by a more secure system than normal post.

This can all be made faster with computer systems and encrypted data, and no other person ever needs to see any of the data.

PEOPLE IN UNIFORMS, WITH LICENCES OR ID CARDS

The vast majority of us have no need to carry out identity checks on anyone, our primary concern isn't who someone is, but if they genuinely represent the organisation they purport to represent.

Say a person with a builders licence for example. So you are expecting to employ a licensed builder, they give you their business card and it has a licence number on in. In the past if you had a phone and knew who to phone you could check the licence number and who it was assigned to. But how do you know the person before you is that person. For the most part probably don't care, because if anything goes wrong, the only issue of matter is the person before you. That is the person you need to find, the person you need to track, the person to be made accountable. For the most part that would just involve visiting their business premises, confirming others in the business are aware of your project, and contract. If they work from home, then may be need to confirm their home address. If they are a mobile service and have a vehicle then can get their vehicle registration number. Information as necessary to track the person, if there is a possibility they take your money and not provide the goods and services. Since contract should be based on work done and progress payments, there shouldn't be a problem. So don't care if they have a licence or not, and if concerned about the quality of their work, then split project into small steps with low cost, and put them on probation, and increase the size of the steps when satisfied they are capable. {NB: As I've said else where licences are worthless and make false claims}

Now people in uniform. Generally we trust people in uniforms: police, fire brigade, ambulance personnel, soldiers, other defence force personnel, nurses. But our trust is really with the uniform and the authority of the organisation they represent, not the person. So again don't really care who they are, but that they genuinely represent the organisation they purport to represent.

Problem is most likely we will buckle at the knees and our spines turn to jelly, when confronted by a person in authority. Depending on how they exercise their power and authority. If they annoy and irritate us, then our knees will straighten and spines turn to steel. Authority becomes irrelevant and only power matters. The distinct between power and authority is important, in most organisations it is the informal power structures which determine decisions and actions, not the formal authority. For example a person may have the authority to sack someone, but they don't have the power to do so. A person or group may not have the authority to dismiss someone, but they may have the power to force them out. So not only does responsibility have to be backed by the authority to complete required actions, but also the real power to do so. It's where a lot of promotions go wrong, because the person promoted doesn't have any real power. Authority comes from the organisation, power is with the person.

So a member of the police turns up. The first thing is not to be scared of questioning them, they're just ordinary people in uniform. For the most part you will not have the power to keep them out off your home, if required they will have turned up with all the resources necessary to force entry. If they are criminals they will also have the power to force entry. If they are genuine then they won't mind the delay and won't mind the questions, and no power will need to be exercised by anyone.

The police have a uniform and a number on that uniform. All of which can be faked. Plains clothes may have a warrant card, badge or something, again it can be faked. However they supposedly come from a police station. So you can phone and check with that police station, which requires you know the number of the police station.

Of course uniforms, numbers and warrant cards can be stolen and telephone calls can be intercepted. For most of us no one is going to go to that much trouble. Secondly your local police station may only have one person, or one person who is changed on a regular basis. In such situation need to know the police station responsible for assignments to the local station. Or better hopefully there is a transition period where the old and new do the rounds of the local area and the new is introduced. This doesn't require introduction to everyone, mostly just businesses in the area. So then have an independent check on who the local police constable is. So there are some people we expect to be known locally and to have local knowledge. Which is a problem because the typical Australian police constable on the beat is sat in a car and is known to no one.

So do photographic identity cards help? Lots of organisations seem to issue identity cards to their employees, especially those doing door to door sales, or have need to visit your home. So the people who check you gas, electricity and water meters, these days are likely to have photographic identity cards. Though given that for the most part you never really see them, it doesn't really matter. But if there is a situation where they do need to go into your house to read meters, you can view the card of who is supposedly visiting. I believe that builders licensing these days also involves photographic identity cards.

Now information on an identity card should be public, therefore should not allow employer to place unnecessary information on such card. You have to show such card, and the person viewing the card should be permitted to record the information. The card therefore has to be relevant to the task at hand. A photographic drivers licence is not acceptable form of identification for water meter readers, as not concerned with traffic control issues and therefore the parties to a transaction have no need to know the drivers licence number or any other information which may be on a drivers licence. The identity card should just be relevant to the task, the name and/or employee number of the employee and the organisation they represent with contact details for the organisation (including a physical address).

Having matched a face to the identity card that is not proof of anything. It doesn't work for international passports, so why would it work for anything else. An organisation having received a pristine digital copy of your identity document, for example drivers licence, how difficult would it be to replace your photo with theirs, and otherwise forge a drivers licence in your name? There would be no point stealing all this identity information, if there wasn't a market for fake identities and if it was impossible to produce a reasonable forgery of identity documents.

CONCLUSION

On the one hand identity data is nothing, on the other hand a large number of useless organisations with useless people turn this useless data into something. Think about it: a loan is taken out in your name with out your consent: how? The only time the bank turns up at your address is to throw you out. I would suggest the bank is negligent if it didn't visit your address in the first place, before granting you the loan {refer above}. May consider the bank doesn't care as its your house they are going to get and it is probably worth more than the loan. Then again when they turn up to take your house, they have to prove you are the one who took out the loan, that you gained the benefit of the loan. Chances are they cannot so prove. Therefore it should be important for them to properly check that they can recover the money from the person they are actually conducting a transaction with: not some useless name, but the actual flesh and blood individual.

Our faces are already plastered all over security camera's in supermarkets, so may be should permit our photo's to be used for identity purposes. In other words, we don't care what your name is, just that this face entered this store and conducted business. For most businesses, this is routine, and the record and facial recognition is in human memory, as flawed as that may be. For other situations, like the bank, this face has this customer number, and this customer purports this address. Go check if the face is at the address.

It may not help with online transactions, but which transactions should be permitted online without person to person interaction. It should be noted that telephone transactions are also flawed and should be limited in scope.

As for photo's well you don't want your photo used on an identity card, which isn't yours, but then what use is such? More important that you identity card is not modified and and the photo replaced by someone else's. Real issue for photos, is don't want your photo attached to activity which is not your activity. So plastering your photo all over the internet is not a good idea: and that includes putting you photo on LinkedIn: a foreign website, subject to foreign laws.

Putting your photo on a resume is also not a good idea: the business can take a photo once you are an employee, they have no need for one before hand. Whilst it may help for them to know who you are when you turn up for an interview the majority of the time you won't get an interview, nor will you know what the employer looks like.

Another issue is employers increasing requests for police checks in their job advertisements. If the employer doesn't trust you, don't trust the employer or any of their employees. If you have to provide a police check to them, then they should provide their police checks to you. This isn't about situation where there is a legal requirement for police checks. If there is a legal requirement, then assumption is that all employees and the people you are dealing with have had a police check: and therefore assumption is they can be trusted. No! I'm referring to foolish employers demanding police checks when no legal requirement for such, and no real value in such.

This is not a police state. People are innocent until proven guilty. People are trusted until proven untrustworthy.

Notes:

As far as I remember here in Australia, in grade 7, it was the British English we were taught. But if search the internet it seems South Australian business and government either doesn't know how to spell or simply adopted: licence, licencing, licenced.
Licence vs. License—Spelling Rules
What Is the Difference between "Licence" and "License"?

References & Further Reading

Revisions:
[4/2/2023] : Original/Draft

[5/2/2023] : described more situations, and added references

Tuesday, January 31, 2023

Water Supply and Water Carriers

As indicated in the previous article I read the following recently: Women work harder than men – our anthropological study reveals why. This got me thinking about the issue of fetching and carrying water from a distant location.

Now it seems that fitness trackers could be used for industrial engineering, work study and work measurement providing improvements over simple time measurement. It also seems they could be helpful in the undeveloped countries.

Consider the common disparity where girls, their sisters and mothers often spend a significant amount of time each day collecting water from distant locations. It should be clear that counting foot steps is of little value, the daughters with shorter strides obviously travel the distance between home and the water supply with more foot steps. But do they do the task in the same time as their mothers or burn the same number of calories, and do they get closer to their MHR than their mothers and does their heart rate stay close to their MHR longer?

Not that we don't necessarily need any measurements to make an initial assessment.

I recollect a recommendation of a minimum of 9 litres (L) of water per person per day to satisfy various needs: thirst and hygiene. WHO guidelines currently indicate need for 15 L or 7.5 L for short term emergency response. Assuming a 4 person family then each family needs 30, or 36 L to 60 L per day.

I believe they typically carrying 10 L to 20 L at a time, and make around two trips per day, and the trips can be up to 5 km for both the outward and homeward trips, so 10 km round trip. Average walking speed is typically taken at 5km/h or slightly lower 80m/min. So each round trip is at least 2 hours duration, and the total time used for collecting water 4 hours per day. So rate of water delivery is 0.08 L/min to 0.17 L/min.

When I turn the tap on water is supplied, depending on tap, at rates between 3.9 L/min and 29.6 L/min, with recommended flows being between 6 L/min and 12 L/min, hot water typically being the slowest. But there is a lot of wasteful industrial infrastructure to make that possible, plus need a large water supply to fill pipelines. If water supply is small, then transportation by container is preferable than piped water supply, as water in the pipes is basically lost.

Alternatively consider a small car, can travel at 50km/h and tow 700 kg. Assuming trailer tank is 200kg, then have 500kg available for water. So the 5km trip now only takes 6 minutes, the two way trip 12 minutes, and now have 500 L, to achieve 41.7 L/min. Assuming car achieves 10 km/L, then need 0.5 L of fuel for each trip, or 1 L for round trip. Assuming the fuel provides 41.8 kJ/g , and taking the density as 800 kg/cu.m, then using 400g of fuel for each trip, provides 16720 kJ of energy, and suggesting average power of 46.4 kW. However, also need yo consider all the infrastructure required to build and maintain the vehicles and produce and distribute fuel, and all the energy it also requires.

So back to the capabilities of people. A typical recommendation is maximum load to carry is 25% of body weight. Consider that the youngest girl employed for this task is 5 years old, then have female body weights [14,24,45,65]kg for ages [5,10,18, older] years, except for the 65kg these are 5th percentile weights. For males have weights of [16,27, 56, 80]. Therefore females can carry [3.5, 6,11.25.16.25]kg and males [4,6.75,14,20]kg, which at 1000kg/cu.m equates to [3.5, 6,11.25.16.25]L and males [4,6.75,14,20]L of water. So to carry 10 L to 20 L of water typically carrying more than recommended. Also this is ignoring the weight of the container. If the weight of the container is small as would be if simple plastic bag, then can neglect but if a heavy 5kg to 10 kg clay pot, then it needs to be considered. {Note a plastic bag is light weight but not very robust and easily punctured}

So assuming main providers are able to transport 10 L per round trip, and need between 36 L and 60 L per day. Assuming can only make 2 round trips per day, so can only fetch 20 L/day, then need 2 to 3 people carrying water each day. which typically falls to children and mother, and of the children typically the girls. Assuming most only achieving the 36 L recommendation, then 2 people making total of 4 trips required. The above suggests that the father alone would only need make 2 trips to fetch 40 L of water: but assume he would be otherwise busy pulling a plough or something.

Now a wheeled or rolling container would require less force to move. Coefficients for rolling resistance can be as low as 0.001 for steel wheels on steel track, but our situation is likely rough undulating terrain and I don't have any values for such. So I will assume about 25% of force required to push/pull when on wheels. So 10 kg, only requires 2.5kg to push/pull, whilst 20 kg, requires 5kg to push/pull. As I don't have push/pull forces for children, I will assume the 25% rule as applies to carrying also applies to pushing and pulling, so the push/pull forces can apply are the same as the carrying capacities above.

So moving 20L within the capabilities of the 10 year old girl without exceeding recommended limit, but still a bit heavy for the 5 year old. Though the 5 year old doesn't have to fill the container, and could move 14 kg, or less if the weight of the container is significant. It now means the 10 year old can transport 40 L in two trips, and so only one person is required to fetch water.

Now Aquarolls hold 40 L and Hippo rollers 90 L, other more conventional wheeled containers hold 23 L. Hippo also suggests the effective weight when pushing/pulling is 10 kg, which drops our estimate of rolling resistance from 25% to approx. 11% of the load . So the 23L container requires 2.6kg to pull, and the 40L requires 4.4kg. Whilst the females have potential to move volumes of [31,54,101,146] L and the males [35,60,125,180] L.. So 5 year olds can only shift the 23 L containers, whilst those above 10 years can use 40 L Aquarolls, whilst only 18 year olds and older can use the Hippo's full of water.

On this basis only one person is required to make one trip to get 36 L of water using a 40 L rolling container, if they get the 40 L then they get 4 L reserve each day. But if can use the 90L Hippo, then it provides 30L surplus each day based on the higher recommended usage of 60 L. If they don't have a storage tank then they can get benefit from using more water if they use the 90L container.

If they have a storage tank, then they can store the surplus, and further reduce number of trips to make. It would take two trips to get 60L surplus, enough for a days needs. So they can rest every third day, or they can make two trips in a day (180L), and rest for two days or for the children they get 2 days at school. Or given mother can collect all water on her own, the children get to go to school.

Though there is another important factor, and that is the effort required to lift 90kg of water from where ever it is collected: if the container can be wheeled in and out off a water supply and filled, then not a problem. But if it has to be lifted in and out off the water supply, then it is too heavy for one person to fill. Thus getting water in and out off the carrier container are other issues to consider.

The original assumption was they could travel at 5km/h carrying the load on their backs, in their arms or on their heads, it is assumed they can still travel at 5km/hr pushing/pulling the load. Also assuming that there is no change in the force applied, they apply the same force but are able to move a greater load.

So if F0 is the force to move an empty cart, and W0 work done to move an empty cart and the trip length is 's', then W0=F0.s for the outward trip, whilst if F1 is the force to move a full container, then W1=F1.s is the work done to move the full container. The total work done for a single round trip is W=W0+W1=F0.s+F1.s=(F0+F1).s, the total work done in a day was 2 round trips so Wt=2.W, but with the help of technology it reduces to a single round trip and Wt=W. {NB: If F0=F1, then W=2W1=2F1.s=F1(2s), and Wt=2W1=2(F1.2s)=F1(4s), that F0<>F1 is therefore significant.}

Noting that for the original method, the total distance travelled in a day was (2*2s=4s), whilst with the new method it is reduced to (1*2s). Also since speed has not changed and force not changed then Power, P=F.v has not changed. Not working harder, just spending less time working and therefore total energy use reduced (W=P.t).

Generally don't want to change the power. Consider recommended fuel intake is 8700 kJ, if don't gain or loose weight, then rate of energy usage is approximately 100 W, but at 25% efficiency then external work is at approximately 25 W. But from bicycling science book, can expect to sustain a power of 74.6 W for long periods, but to do so would require more fuel than the recommended daily input. We can therefore assume that work less than 25 W is easy work, whilst that above 74.6 W is hard work, and hard work requires increased fuel supply.

Now the mechanics of walking and pushing carts is complicated so I don't know the actual magnitude of forces involved. But for simplicity I will just convert the assumed 10kg pull force into Newtons, 10*9.81 = 98.1N. And assuming a 5000m trip W=98.1*5000 = 490500 J = 490.5 kJ. The human engine is about 25% efficient therefore need 490.5/0.25 = 1962 kJ of fuel (food energy), or 1962/4.18 = 469.4kcal (Calories) for the return trip moving the water, 1962/8700 = 0.23 or 23% of daily intake. Less would be required for the outward trip with the empty container. The trip takes 1 hour so P=W/t=490.5*1000/3600 = 136W whilst fuel consumption is 1962*1000/3600 = 545 W, or 469.4/60 = 7.82 kcal/min. As the power exceeds both 25W and 74.6 W, can say that shifting water is hard work, but can be made easier by travelling at less than 5km/h, which is viable if have fewer trips to make each day.

From other data walking at 5km/h, uses 280 W (J/s), this expect to take 1 hour, therefore energy use (fuel) is 280*60*60/1000 = 1008 kJ, or 1008/4.18 = 241.1kcal. Since this is walking without any additional load, the above calculation for walking with a load is probably correct order of magnitude.

Still another approach is using metabolic equivalents MET's from the compendium of physical activity. So looking at similar activities pulling a rickshaw requires 6.3 MET's, climbing hills with 21 to 42lb load is 8.3 MET's, or walking, 2.9 to 3.5 mph, uphill, 1 to 5% grade 5.3 MET's. Walking with baby stroller 4 MET's, or farming, hauling water for animals, general hauling water is 4.3 MET's. So our needs something between 4 MET's and 8.3 MET's depending on the terrain. Now chances are these are not calibrated for children, however will use anyway as just estimating. So for the 10 year old at 24kg weight, we get 4*3.5*24/200 = 1.7 kcal/min, and 1.7*60 = 102 kcal which seems low compared to other calculations. So try 8.3*3.5*24/200 = 3.5 kcal/min and 3.5*60 = 210 kcal. It would seem MET's under estimate the fuel energy requirement, however some guidelines are provided to make corrections for various parameters. {Also I'm doubtful that all the activities come from actual measurements or detailed assessment of the specific activity listed.}

Now some women at the local gym on the Airdyne bike (arms and legs) can burn 10 kcal in 10 seconds, or 1kcal/s or 4180 W, as most gym equipment use calories for estimates of food energy and the Watt meter for useful external work and few people pay attention to the Watt meter, will just have to use the 25% rule, and so the useful external work is 1045 W or 1 kW, but this is only sustained for 10 seconds. A small engine on the other hand could output such power all day, as long as it has fuel.

A bicycle is typically about 4 times faster than walking, so the walking speed 5 km/h is increased to cycling speed of 20km/h, and so the 5km trip reduced from 1 hour to 15 minutes, saving more time, at least on the outward trip. The ordinary exercise bike at the gym, indicates my dodgy heart can sustain between 100W and 180W for 30 minutes, and travel anything from 15km to 20km, depending on the day, so speed varying between 30km/h and 40km/h. So if the trip is suitable for bicycle or tricycle then the time for the outward trip can be significantly reduced, the homeward trip with the water will be slower, noting that above estimate requires 136W just to move the water, with no reference to power to move person, moving at higher speed will need more power and will also have additional power requirements due to increased air/wind resistance. By comparison an electric cargo bike is typically powered at 250W with maximum cargo of 100kg or less, with rider of 100kg, so an ebike could help with the task, if had the infrastructure to charge the bikes battery.

School Experiment

It suggests a potential school experiment. Use fitness tracker to measure Calories (kcal) for walking a reasonable distance (100 to 200m) without any load, then walk the same distance carrying increasing amounts of water, and produce a graph of litres carried against calories burned. Increase the water by 5 to 10 litres at a time, use a container which carry in a back pack or otherwise suitable for carrying in arms in front. The results should show that as the volume of water increases the calories burned increases. Also as the weight increases the travel speed decreases, until weight is too heavy to move, or distance can carry significantly reduced.

Then do the experiment with a roller container, or a container and some form of wheeled trolley. Again make several trips with different volumes of water and measure calories burned. Again increasing volume of water should burn more calories as more force is required to move heavier weights. Plot the two curves on the same chart. For any given volume less calories should be required by using the wheels compared to carrying.

References & Further Reading:

Water Sanitation and Health
10 things you didn't know about water
UNICEF: Collecting water is often a colossal waste of time for women and girls
Water scarcity: Addressing the growing lack of available water to meet children’s needs.
Water within reach: Compare two 5-year-olds’ walk for water
Pushing and Pulling - Handcarts
Compendium of Physical Activities
Metabolic Calculations in Action: Part 1
Metabolic Calculations in Action Part 2
Determining the I (Intensity) for a FITT-VP Aerobic Exercise Prescription
Power output during exercise
wheel
Simple Machines — How Do Wheels and Axles Work?
Wheel and axle
{NB: Not concerned with input and output of the machine. We are comparing two different techniques.}

Revisions:
[(31/01/2023) 16:26] : Original

Pages