Title: SECURITY ASPECTS

Not only do personalised and group profiles reveal a ‘reality’ of a profiled person, also the fact that these data can be associated to personally identifiable information (PII) pose a risk. One of the risks incurred by the potential access to PII, is that of identity theft and identity fraud. These crimes are clearly on the rise in recent years, partly due to the fact that more and more activities are handled online. In cases of ID theft typically PII, such as social security numbers, credit card numbers, or Social Fiscal numbers, are taken from victims without their consent in order to commit other crimes (see FIDIS deliverable 5.2 for a detailed account on ID fraud/theft). Identities are usually taken to conceal one’s original identity (in order to acquire a visum for instance), to make some financial profit from some form of fraud (obtaining a credit card under a false identity, for instance), or to avoid financial liability (e.g. tax avoidance). In the context of AmI profiles, AmI introduces two types of risks with respect to ID fraud/theft. Firstly, PII can be part of, or associated to the profile, for instance as stored on a personal Identity Management Device (IMD) and thus be a target for ID fraudsters. IMDs most likely will contain PII. If these data are not secured properly, perpetrators could gain access to these data and copy it for criminal purposes. As AmI devices are likely to communicate by means of radio signals (RF), perpetrators can either try to hack the IMD to gain access to the data, which may be a criminal offence, or they may try to intercept the transmission of PII from IMD to remote devices. To minimise these risks, the IMD should be equipped with security measures to limit the possibilities of hackers getting access to the data stored in the IMD. With respect to the data transmission, risks can be limited by minimising the transmission of PII altogether, and if PII should be revealed data transmission should be properly protected by encryption techniques.

A second type of risk associated with PII is that the profiles, or part thereof, can be used to target potential ID theft victims. As the profiles reveal much information about habits and preferences of the profiled individual, they may reveal attributes of interest to perpetrators. For instance, if an individual’s restaurant preferences (as described in section ) include high-class restaurants, as well as other expensive habits, this may signal that this individual is wealthy. And this in turn may make this individual a suitable target for identity fraudsters. Of course positioning oneself close to or inside such restaurants to register clients will reveal the same information. But again, as the AmI scenario is based on RF communication, the electronic monitoring of profiles is less obtrusive than spying on clients from the next table. Once a potential victim is targeted, the fraudster may try to acquire the required PII by means of hacking the victim’s IMD, but also monitoring and surveillance, and ‘traditional’ tools of the ID crime trade, such as phishing can be used to lure the victim in revealing his PII.