“The Internet is like the lunar surface — it never forgets a footprint. With Identity Mixer, we can turn it into a sandy beach that regularly washes everything away.”
— Dr. Jan Camenisch, Cryptographer and Co-Inventor of Identity Mixer, IBM Research
We all use electronic services increasingly often in our daily lives. To do so, we have no choice but to provide a range of personal information for authorization and billing purposes, or as part of the terms and conditions of service providers.
Dispensing all this personal data erodes our privacy and puts us at risk that criminals could abuse this information.
IBM Identity Mixer is a cryptographic protocol suite for privacy-preserving authentication and transfer of certified attributes. It allows user authentication without divulging any personal data. Thus, no personal data is collected that needs to be protected, managed, and treated according to complex legal regulations. Nevertheless, service providers can rest assured that their access restrictions are fully satisfied.
“If your personal data is never collected, it cannot be stolen.”
Identity Mixer allows users to minimize the personal data they have to reveal in such transactions. For instance, if electronic identity (eID) cards were realized with Identity Mixer, then teenagers possessing such eID cards could log onto a teenage chat room just proving that they are indeed 12–15 years of age without revealing any other information stored on the card such as their name or address.
When Identity Mixer was first developed, IBM scientists made it available in Github, where it remains today. However, it can be quite cumbersome to use, even for more experienced developers.
But in the meantime, IBM scientists have changed this by making Identity Mixer available in the IBM Bluemix cloud. Developers can now simply copy and paste the code into their apps to become privacy-friendly in minutes.