This model does not rely on cryptography or computational hardness. It relies on physical and structural separation.
What do you think about the current situation where everything is concentrated in a single smartphone?
Modern smartphones have a structure in which identity, authority, and private keys are all concentrated in one device for authentication. As a result, if a single smartphone is compromised or lost, everything is lost. Putting everything into one smartphone is not necessarily bad. Because it is convenient. However, I want you to think about security.
- Can the loss of one smartphone really be compensated easily? - Is the information that is lost or stolen really that insignificant?
I think this way: A structure where one loss leads to total loss is…
This model does not rely on cryptography or computational hardness. It relies on physical and structural separation.
What do you think about the current situation where everything is concentrated in a single smartphone?
Modern smartphones have a structure in which identity, authority, and private keys are all concentrated in one device for authentication. As a result, if a single smartphone is compromised or lost, everything is lost. Putting everything into one smartphone is not necessarily bad. Because it is convenient. However, I want you to think about security.
- Can the loss of one smartphone really be compensated easily? - Is the information that is lost or stolen really that insignificant?
I think this way: A structure where one loss leads to total loss is dangerous. By intentionally dividing this convenience, we may be able to maintain usability while improving structural security. So how can we solve this problem?
A Two-Card Approach
I propose one improvement: using two cards. In my system, instead of relying entirely on one smartphone, authentication functions and information are distributed across two cards. With this design, even if one of the two cards or the smartphone is lost, secure operation can continue. The idea of distributing information across two cards is based on intentionally separating the roles currently concentrated in smartphones, making the system more secure and easier to use. Some may say that using two cards is inconvenient. However, with current technology, automation is possible. From an authentication perspective, I believe that presenting one card is still necessary. The process of "I am intentionally authenticating right now" is still important for humans. The other card can stay in your wallet and operate automatically using Bluetooth Low Energy (BLE) or NFC. It only responds when identity confirmation is required. With this automation, users only need to present one card, just like before. Company gates, for example, can be fully automated. However, full automation must always be implemented carefully.
Security Strength with Two Cards
Although not widely known, using two cards can dramatically increase security strength. This is a completely different level of security compared to one card or one smartphone. The physical separation between the two cards creates a gap that cannot be exploited by computational attacks. Even quantum computer attacks become practically meaningless. This extraordinary strength comes from the fact that there is no clear attack target. When nothing meaningful exists in one place, there is nothing to steal. This level of defense is achieved only when:
- Two cards are used - Information is separated correctly
With a single card or smartphone, this level of security is impossible. In other words, even inexpensive cards costing only a few hundred yen can provide strong structural security.
Separating Identity and Authority
In systems like driver’s licenses, we have two concepts:
- Identity (who you are) - Authority (what you are allowed to do)
Traditionally, these have been combined into one physical document. But what happens if we physically separate them?
"Proof of identity" → Card1 "Proof of authority" → Card2
Identity alone cannot grant permission. Authority alone does not tell who the user is. Each becomes meaningless on its own. This loss of meaning is what we use for security. Although the separated cards may look the same as before, structurally they have changed into individually unusable forms. I call this transformation "information phase transition," similar to phase transitions in physics. When the two cards reconnect, the information transitions again from a meaningless state to an executable identity-and-authority state. This switching between separated and connected states becomes the foundation of security.
Beyond Secret Sharing and Zero Trust
This two-card model is inspired by secret sharing. However, reconstruction is never performed. Reconstruction leaves traces and creates a new attack target. We also apply Zero Trust: trust nothing. The cards do not store sensitive personal data.
- The identity card stores only a server-issued registration number - The authority card stores anonymous permission data
Even if stolen, neither reveals anything meaningful. The goal is to ensure that stolen information is structurally useless. If nothing valuable exists in one place, it cannot be stolen.
How Authentication Works The two cards mutually authenticate each other using BLE and NFC. Users only present one card, but in the background:
Card1 verifies identity Card2 verifies authority Both must approve
Neither can act alone. Card2 always executes authority only with Card1’s approval.
ATM Example
Traditional ATM: Card2 (Authority / NFC) + PIN = Identity confirmation (estimated) → ATM
New ATM: Card1 (Identity / BLE) + Card2 (Authority / NFC・BLE) = ATM (Authentication + PIN)
Look carefully at this structure. Surprisingly, traditional ATMs have no real identity verification. Card2 + PIN only means "probably the right person." This is structurally close to 1.5-factor authentication and lacks true identity proof. This absence of identity verification is a critical system flaw.
New ATM Flow (Card Perspective)
1. User presents Card2 to the ATM (NFC) 2. ATM requests identity proof from Card2 3. Card2 requests identity proof from Card1 (BLE) 4. Card1 provides identity proof to Card2 (BLE) 5. ATM receives proof from Card2 and starts service (NFC) 6. PIN may be requested if necessary
The key difference is that identity verification is now included. Card1 is created through strict identity verification, making real identity proof possible. Behind the scenes, NFC + BLE + Card1 + Card2 + ATM form a multi-layer defense system. Users still present only one card.
Workplace Example (Dynamic Authority)
Card1 (Identity) always ON + → Entrance gate: (Card1 + Card2) automatic approval Card2 (Authority): NFC or BLE → Arrival: Job-level permissions start (BLE) → Area access: Zone-based permissions (BLE/NFC) → Work start: Status change (BLE) → PC use: Login permissions (NFC) → Special equipment: Manager A approval (1/2) → Pending Manager B approval (2/2) → Active → Break: All permissions suspended (BLE) → PC sleep: Permissions paused → Resume work: Permissions restored → Leave: All permissions ended
Authority is not simply ON or OFF. It changes dynamically based on:
- Action - State - Time
Yet, no matter how complex these changes become, the overall structure remains stable. Even changes beyond human intuition do not break the system.
Final Thoughts
The key is physically separating identity and authority. Simply splitting data evenly does not achieve this security level. Correct structural separation reveals hidden strength.
By combining: Secret sharing Zero Trust Knowledge / Possession / Biometric factors
We can build a new security model. Security may feel inconvenient, but strong structures should not be oversimplified. Authority evolves through human intelligence. Its freedom is not a weakness - it is its greatest strength.