The Government proposal by Home Secretary Jacqui Smith has asked companies such as the Post Office to collect biometric data from its customers. This sucks, and I’ll tell you why. As high tech as it seems, such a system will allow companies to gain ownership of public identity data that will be vulnerable to abuse. Unfortunately, there is no such thing as a 100% secure solution, and saying you’ve got one is an open invitation to hackers who love nothing more than a challenge.
Jacqui Smith said that accredited businesses would have a strong competitive reason to ensure that the biometric transfers they perform are secure, as failure to do so would have an impact on their reputation. Err, doesn’t that go without saying? However, so far the Home Office has given no precise information as to how fingerprints would be linked to biographical data, or any details about how the National Identity Scheme would be implemented. All you can be guaranteed is that once your personal information is on a national database, it’ll be hacked and held to ransom in the public domain in a matter of months. The biggest form of crime in the future will be digital, you mark my words…
Handing over the keys to public identity data to organisations such as Royal Mail will open up a whole new can of worms. It seems preposterous to put our personal data into the hands of a third party when data loss is as commonplace as it is. It’s clear now that our Government has intended to link the ID card scheme into its other services. I’ve been concerned about such an extension of ID card use since they were very first announced. The big concern with ID verification is impersonation. Unfortunately, the Government’s ID card scheme does not go far enough to address this problem, and opening up a photo kiosk-style fingerprinting service at a Post Office with data made accessible to employees will further exacerbate the problem.
The two main weaknesses are an over-reliance on biometric security, and secondly, the preference for centralised data storage. Together these leave the ID card system vulnerable to cloning. Stronger verification technology needs to be in place. Biometric technology alone does not suffice to prevent fraud – despite strong encryption the Dutch biometric passports were cracked soon after launching. The passports were read remotely (thanks to the RFID chip they can be read from 10 meters) and then the security cracked using flaws built into the system, whereupon all of the biometric data could be read.
What’s needed if the ID card scheme is to work is a belt and braces approach. Storing the biometric data as an algorithmic encryption makes it impossible for even the most sophisticated fraudster to read or substitute. Even authorised personnel – and therefore any successful hackers or corrupt employees – would only be able to view binary code, and not the finger, iris or facial data itself. They would also be unable to replicate the algorithm to clone the card. Furthermore, centralised data storage is a security concern. The way the information is stored and structured needs to be carefully implemented to avoid sowing the seeds of disaster.
Storing this data centrally and then linking into a variety of databases is a security concern. Other countries such as France and Italy have stipulated that biometric information is stored only on the cards themselves – thus still within the possession of the individual. If it is stored centrally, then the biometric data must be stored separately from other personal data. This would make it harder for any hacker to join up the dots and steal someone’s identity or clone a card. Back-end systems should enable an audit trail of those personnel who have accessed individual records on those back-end systems. Even so, I still believe it’s all going to end in tears.