INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Transcription

1 INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY A PATH FOR HORIZING YOUR INNOVATIVE WORK A PROPOSAL FOR UNIQUE IDENTIFICATION NUMBER FOR ALL ONLINE ACCOUNT HOLDERS TO CURB THE MENACE OF FAKE ONLINE IDENTITY RUPALI SHEREKAR Prof. Ram Meghe Institute of Technology and Research, Badnera, Amravati, Maharashtra, India Accepted Date: 05/03/2015; Published Date: 01/05/2015 Abstract: With the billions of online website users - the volcano of online buyers and sellers, the subscribers to social networking sites - creation of fake identities and more than one accounts, posing as someone different has become a child s play. All these developments have lead to a whopping increase in the number of online foul play. This immense potential of social networking sites is time and again being wrongly used by users who extract private information of innocent users. One of the most common ways of performing a large-scale data harvesting attack is the use of fake identity accounts, where malicious users present themselves in profiles that are fake or represent some real persons. This paper dares to put forward a solution in the form of a proposal that may not completely curb this menace but help in minimizing it. Keywords: Online Fraud; Solution; Social Networking; Theft; Corresponding Author: MS. RUPALI SHEREKAR Access Online On: How to Cite This Article: PAPER-QR CODE 961

2 INTRODUCTION This decade is seeing a complete revolution in the way online users participate in online activities. The volume of subscriptions to social networking sites and the boom in online selling business is proof enough. Non-suspecting online users, register to these websites and divulge a lot of private information thus making it public. This information of users is misused by other malicious users. Before the victim realizes the damage is already done. And many a times this injury is irreparable and irreversible. One of the common threats to online users is identity theft. The definition of identity theft includes three general types of incidents: unauthorized use or attempted use of an existing account unauthorized use or attempted use of personal information to open a new account In addition to the above mentioned financial losses, character assassinations and victimization of girls especially is a common crime. Many techniques for detection of fake identities have been put forward. Punishment is not a solution. In many cases finding the culprit is a daunting task. Rather, it has become a most urgent need to curb the menace of online fraud. I myself have seen one of my 15 year old niece s fake identity on Facebook. The trauma, social injury and financial loss the victim goes through is irreparable. Many techniques for detection of fake identities have been put forward. But there needs to be a solution where creation of fake online ids will become impossible Through this paper I propose the compulsory use of a Unique Online Identity (UOI henceforth) for all internet users who have to create an account or register with a website. THE PROPOSAL Creation of a Unique Online Identity for all the users The UOI providing agency could be a government or government sponsored agency. Provision of UOI should be free of cost. 962

3 The account creation or registration forms of every website should make it compulsory to fill up the UOI. It will be mandatory for the websites to check the UOI with the UOI providing agency. Only then an account should be created. Also, if an individual/organization wants to verify the authenticity of a person then the UOI providing agency should provide the name and picture (non-downloadable with a minimum resolution) through an official website. The UOI providing agency can earn by providing its services to online players at a cost. As a rule it should be made mandatory for any online selling/social networking website to register with the UOI providing agency. Updation of UOI should be made compulsory for the existing users within a given time period or then accounts can be blocked. SITUATIONS AND SOLUTIONS As per Wikipedia listing many countries (around 80) have a unique identification number which is provided to citizens at birth or at completion of 18 years of age. Only India it seems is circling between the election card, PAN card, Passport and Adhaar card. India Problem: In India more than 40 crore people have been issued Aadhar cards. At present the Aadhar card cannot be made a compulsion as per the Supreme Court directives, as the project lacks legal or statutory authority and is operating without any parliamentary approval. 963

4 After parliamentary approval comes through this same card number can be made mandatory by networking or business websites for new users registering with them. But then the onus of sending passwords to registered s will lie with the UOI providing agency. This seems an infeasible idea at present. But providing an individual s details also is a breach of privacy. But if this works no person on this globe would be able to float a fake identity. Checking of an identity at registration would never allow a duplicate/fake id for a person. Creation of id: Creation of the first id can be allowed without an identification with a time period for registering the identification number. If a person fails to provide the identification within a specified period the id can stand cancelled. Verification of UOI by various websites: If generation of ids through the UOI providing agency seems infeasible, verification can be done by websites but for a price. This again breaches the privacy of people data. Verification of UOIs by websites can be done from the data made available by UOI generation agencies of various countries, but at a price. Generally websites like social networking sites that cater to a global audience are big players where finance is not a problem. For online sellers, job portals, shelling out a price for verification of UOIs seems good after the website earns a good commercial value. Ensuring that all websites register with the providing agency: Here the websites can be divided into two categories Ecommerce Websites Social Networking Websites For both the categories of websites, simply an addition of a clause in the regulations which makes it mandatory for the websites to input the UOI of the registrant at registration can solve the problem. A check on the registration process of the websites should be the responsibility of business registering authorities or of the domain name registers. The regulation that makes refurbishing of UOI for registration with a website can have a clause that compels domain name providers and business registering agencies to ensure that the registration/account opening pages of the website owners make it compulsory to input the unique id no. 964

5 Ensuring the security of people data: All the above procedures, if followed will ensure privacy of people data. Security of data will be the sole responsibility of the UOI providing agency. Generation of passwords: What I propose is a generation of a onetime password through an id or cell number registered with the UOI providing agency. This will actually authenticate the user and at the same time maintain and preserve his/her privacy. CONCLUSION Online identity theft is a big menace and curbing it is a global concern. The above mentioned proposal if implemented should be a simple but sure solution to problem online identity thefts. For a global consensus and solution to the issue, global amendments in the cyber security laws is a must. It sure is seemingly a lengthy process but success it will ensure. REFERENCES 1. Ali Hedayati, An analysis of identity theft: Motives, related frauds, techniques and prevention Journal of Law and Conflict Resolution Vol. 4(1), pp. 1-12, January Authority_of_India _number 965