Information Cards will only be secure if there are real separate cards, using embedded cryptography, in use: every security measure running directly on a PC only is vulnerable (see rootkits), and virtual Information-Cards (which are only data stored on your computer), are an invitation to pishers! They only have to upload this Information-Card Data from your Computer, and pishers get everything they like to have!

Why? There is a not curable flaw:
Everything running directly on a PC (specially with MS-Software) can be faked or spied on.

The only thing which helps is an external ID (Card or USB-Dongle) with embedded Microprocessor which handles all the communication with embedded cryptography and refuses to be spied on.

Everybody involved, but specially a readership that is no expert in security and privacy has to know this! People should know the limits and drawbacks of security. Otherwise a new circle of Insecurities and Security Breaches and even loss of personal identity Data may follow.

And, bye the way:
Information Card Users give their essential personal identity data to the companies which are issuing the Information Card – that is another vulnerability. These Companies have all the personal identity data and the possibility to access all WEB-based connections. Who is supervising these Companies? Remember lost data reported in the press?