An idea that has come up many times before, User Identification, is a hotly debated topic among security experts. The general goal is to reduce certain levels of anonymity on the internet in order to increase accountability and security.

According to an article at Australian PC Authority, security experts like Eugine Kaspersky (co-founder of Kaspersky Internet Security) are recommending government-sponsored ID requirements for computer users that would increase security for banking and other sites at high risk of fraud.

As it stands now, the only identifying information that can be gathered about a website visitor is their IP address and the voluntary information sent by their web browser (user-agent and cookies). In the case of IP address, this is vaguely identifying and can lead to some information about the visitor's geographic location and service provider. On the down side, IP addresses are easily spoofed and often disguised by proxies, network address translation and VPN services. Browser information, including cookies, are all but useless in tracking a cyber criminal.

As proposed, two-factor authentication, biometric based ID and/or physical identification cards would prevent some of the most common threats. Phishing scams, identity theft and bank fraud would be much harder to pull off if you had to scan your fingerprint or retina to log on. Sound a little too futuristic to you? Well you may be right, but many laptops today ship with fingerprint scanners or facial recognition software already.

More realistically, ID card readers could require a form of digital passport for certain levels of internet access. Kaspersky believes IDs could be used to combat security issues associated with popular sites such as Facebook and MySpace. Currently the top places for deception-based scams (phishing) are Facebook, eBay and PayPal all of whom have no identification requirements beyond standard username and password. Physical counter-measures, on the other hand, are much harder for cyber criminals to infiltrate.

Reportedly, some Baltic countries and some British banks already have hardware-based identification in use today. On a larger scale, though, it would be very expensive and would require the cooperation of many governments, PC makers and financial institutions.

Is all this identification a good idea? Well many say no. According to a ZDNet article, there are various reasons why this would never work, including significant privacy concerns, risks of fraudulent authentication, technological hurdles and budgetary challenges.

As most of us know, the internet is a very big, very anonymous place and people should be mindful of the fact that not everything is as it claims. With new identification methods, there may be a less anonymous internet in our future, but for now we need to be alert and aware of the risks and approach online security with a "guilty until proven innocent" mindset.