Identify Verification (and how to bypass it)

Most marketplaces, in order to function properly, require some form of identification of their users. It is a well-known problem that the ability of participants to generate easily new identities can lead to many problems.

At the very basic level, if participants can easily create new identities, then reputation systems lose part of their power: If a user gets scores that are mediocre or bad, then it is often preferable to abandon the account with the bad scores and start again. Even more importantly, Sybil attacks, where one participant generates multiple accounts, can fool many systems that rely on peer evaluation, or assume that users are independent of each other.

For example, in services such as Mechanical Turk, which rely on redundancy to ensure high-quality answers, many spammers create multiple accounts and try to attack simple tasks by entering the same answer in all questions. I also remember Luis von Ahn was describing an attack against reCAPTCHA, where 4chan users attacked reCAPTCHA by trying to guess which of the two words was the known one, and entering "penis" as the other word :-)

It is therefore not surprising the most marketplaces attempt to have some form of identification service. A form of identification that is considered strong is to ask for unique ID element from the registering users, e.g., the SSN of the participant, asking for place of birth, etc. Interestingly enough, it is trivially easy to bypass many such identity tests.

Go and check the website Fake Name Generator. You can specify the characteristics of the name that you want, and you get back an entry that you want. Someone with Japanese heritage living in the US? Sure thing, here is the entry for Mr. Souma Miura:

You prefer something more exotic? May a person of Icelandic origin living in Cyrpus? No problem

Interestingly enough, I was able to fool quite a few websites that supposedly guarantee for the identity of their participants. All of them accepted without problems the fake identities, and in some cases even the credit card numbers (not for actual charges but the fake credit card numbers were accepted as legitimate credit cards to create a profile). For obvious reasons, I will not reveal the names of the victims :-)

So, how can a market secure better against identity attacks? Here a few examples that I encountered:

• On Embee Mobile the payment to the workers is free talk time for their cell phone. While it is definitely possible to change the SIM card and the phone number, this is definitely not a cheap generation of identities.
• On oDesk, as part of the identification, participants are asked to send scans of their driving license and of their bank statements, in order to unlock the ability to apply to large (more than 5) projects. While it is certainly possible to fake those, it is unclear what someone can do with the money collected to an account if the cash cannot be withdrawn to a bank.

Perhaps in the future we will see the emergence of identification services for individuals. We already have such services for websites (e.g., Verisign). It is conceivable that someone will be able to guarantee for the identify of a person, but you can see already the Big Brother concerns that such a service will raise.

KNOW YOUR INTERNET BROWSER SHORTCUTS

Know your Internet browser shortcuts

There are dozens of different shortcut keys that can be used with Internet browsers. Below are a few of our top suggested Internet browser shortcuts.

• Press Alt + D or Ctrl + L to move the cursor into the address bar.
• Hold down the Ctrl key and press the + or -to increase and decrease the size of text. Ctrl + 0 will reset the text.
• Press the backspace key or press Alt key + left arrow to go back a page.
• Press F5 or Ctrl + R to refresh or reload a web page.
• Press F11 to make the Internet browser screen full screen. Press F11 again to return to the normal view.
• Press Ctrl + B to open your Internet bookmarks.
• Press Ctrl + F to open the find box to search for text within the web page you are reading.

TAKE ADVANTAGE OF TABBED BROWSING.

Take advantage of tabbed browsing

Take full advantage of tabbed browsing on all Internet browsers. While reading an article or browsing a website, you may come across a link that interests you. Any link to another page can be opened in a new tab so it does not interrupt your reading. To perform this action, hold down the Ctrl key and left-click the link. If you have a mouse with a wheel, click the link by depressing the wheel instead of rolling it. Either of the methods opens a link in a new window.

Tip: To open an new blank tab, press Ctrl + T at the same time.

You don't need the http:// portion of a web page

When entering an Internet address you do not need to type http:// or even www. in the address. For example, if you wanted to visit Computer Hope you could just type computerhope.com and press enter. To make things even quicker, if you are visiting a .com address you can type computerhope and then press Ctrl + Enter to type out the full http://www.computerhope.com address.

Quickly move between the fields of a web page

If you are filling out an online form, e-mail, or other text field you can quickly move between each of the fields by pressing the Tab key or Shift + Tab to move back a field. For example, in the example form below you can click in the "First Name" field type anything and press tab to switch to the next field.

Example Form

First Name: 
Last Name: 
E-mail: 

Tip: This tip also applies to buttons, if you press tab the buttons can also be highlighted. Once a button is highlighted press the spacebar or enter to push the button.

Tip: With a drop-down box that lists dozens of options you can press the first letter to scroll down to that letter. For example, click the drop down box below and then press "u" to quickly scroll to Utah.

             State...             None             -- UNITED STATES --             Alabama             Alaska             Arizona             Arkansas             California             Colorado             Connecticut             Delaware             Florida             Georgia             Hawaii             Idaho             Illinois             Indiana             Iowa             Kansas             Kentucky             Louisiana             Maine             Maryland             Massachusetts             Michigan             Minnesota             Mississippi             Missouri             Montana             Nebraska             Nevada             New Hampshire             New Jersey             New Mexico             New York             North Carolina             North Dakota             Ohio             Oklahoma             Oregon             Pennsylvania             Rhode Island             South Carolina             South Dakota             Tennessee             Texas             Utah             Vermont             Virginia             Washington             West Virginia             Wisconsin             Wyoming             -- CANADA --             Alberta             British Columbia             Manitoba             New Brunswick             Newfoundland and Labrador             Northwest Territories             Nova Scotia             Nunavut             Ontario             Prince Edward Island             Quebec             Saskatchewan             Yukon Territory             -- AUSTRALIA --             Australian Capital Territory             New South Wales             Northern Territory             Queensland             South Australia             Tasmania             Victoria             Western Australia           

Bonus Tip: You can also use the autofill feature to fill in common form fields.