IBM seeks to protect developers by encrypting personal information

IBM has announced it is bringing a new and experimental service to the Bluemix developer platform, which will allow users to identify themselves without giving away any personal information.

Identity Mixer uses encryption to secure identity attributes associated with a user, like age, nationality, address or credit card details.

IBM says the encryption only partially reveals the information to third parties.

"Identity Mixer enables users to choose precisely which data to share, and with whom. Now, web service providers can improve their risk profile and enhance trust with customers, and it's all in the cloud making it easy for developers to program," said IBM chief privacy officer Christina Peters.

Typically, online services require users to register an account using some personal information, like name and age, in order to determine whether the person can accept the end user licence agreements and other terms of use.

But giving a lot of that information away can be risky, especially if the service becomes victim to a hacker attack, IBM claims.

As an example, IBM cited an online film streaming service that needs to know how old the user is, so that it can determine whether or not he’s allowed to watch a specific movie.

Identity Mixer can provide confirmation to the service that the person is above a certain age and that their subscription is indeed valid, without revealing any further details.

Dr Anna Lysyanskaya, a co-inventor of Identity Mixer and professor of computer science at Brown University in Rhode Island, said that the motivation behind its development was to allow individuals to have control over the information they reveal about themselves.

"With Identity Mixer now in the cloud, developers have a very strong cryptographic tool that makes privacy practical," she said.