Jacqui Smith said that accredited businesses would have a strong competitive reason to ensure that the biometric transfers they perform are secure, as failure to do so would have an impact on their reputation. Err, doesn’t that go without saying? However, so far the Home Office has given no precise information as to how fingerprints would be linked to biographical data, or any details about how the National Identity Scheme would be implemented.杰葵史密斯说，认可的企业将会有一个强有力的竞争原因，以确保生物技术的转让他们的表现是安全的，因为不这样做会影响他们的声誉。 错误，没有这不用说？但是，到目前为止内政部并没有确切的资料，如何将指纹与履历资料，或任何细节如何国民身份证计划将得到执行。 All you can be guaranteed is that once your personal information is on a national database, it’ll be hacked and held to ransom in the public domain in a matter of months.所有你可以得到保证是，一旦你的个人信息是一个国家数据库，它会侵入并举行了赎金在公共领域在几个月内。 The biggest form of crime in the future will be digital, you mark my words…最大的犯罪形式在未来将是数字，你记住我的话...

Handing over the keys to public identity data to organisations such as Royal Mail will open up a whole new can of worms.的钥匙交给市民的身份数据，以组织，如英国皇家邮政将开辟一个全新的蠕虫可以。 It seems preposterous to put our personal data into the hands of a third party when data loss is as commonplace as it is.看来荒谬的把我们的个人资料落入第三方时的数据丢失是司空见惯的，因为它是。 It’s clear now that our Government has intended to link the ID card scheme into its other services.很明显，现在，我国政府已打算联系的ID卡计划纳入其其他服务。 I’ve been concerned about such an extension of ID card use since they were very first announced.我一直在关注这种延长身份证使用，因为他们第一次公布。 The big concern with ID verification is impersonation.大关注，身份证核查是冒名顶替。 Unfortunately, the Government’s ID card scheme does not go far enough to address this problem, and opening up a photo kiosk-style fingerprinting service at a Post Office with data made accessible to employees will further exacerbate the problem.不幸的是，政府的身分证计划还远远不够解决这个问题，并开辟了照片亭式指纹识别服务，邮政局的数据提供给雇员将进一步加剧这一问题。

The two main weaknesses are an over-reliance on biometric security, and secondly, the preference for centralised data storage.两个主要弱点是过度依赖的生物安全性，其次，倾向于集中数据存储。 Together these leave the ID card system vulnerable to cloning.加上这些假身份证制度容易克隆。 Stronger verification technology needs to be in place.更强有力的核查技术必须到位。 Biometric technology alone does not suffice to prevent fraud - despite strong encryption the Dutch biometric passports were cracked soon after launching.生物识别技术本身不足以防止欺诈-尽管强大的加密功能，荷兰护照被震裂发射后不久。 The passports were read remotely (thanks to the RFID chip they can be read from 10 meters) and then the security cracked using flaws built into the system, whereupon all of the biometric data could be read.护照阅读远程（感谢RFID芯片可以读取10米） ，然后破获的安全漏洞建成使用该系统，届时所有的生物数据可以读取。

What’s needed if the ID card scheme is to work is a belt and braces approach.需要什么，如果身份证计划的工作是一个带括号的办法。 Storing the biometric data as an algorithmic encryption makes it impossible for even the most sophisticated fraudster to read or substitute.存储生物数据的加密算法使得即使是最复杂的欺诈读取或替代品。 Even authorised personnel - and therefore any successful hackers or corrupt employees - would only be able to view binary code, and not the finger, iris or facial data itself.即使授权的人员-因此，任何成功的黑客或腐败的雇员-只可以查看二进制代码，而不是手指，虹膜或面部的数据本身。 They would also be unable to replicate the algorithm to clone the card.他们也将是无法复制克隆算法的信用卡。 Furthermore, centralised data storage is a security concern.此外，中央数据存储是一个安全问题。 The way the information is stored and structured needs to be carefully implemented to avoid sowing the seeds of disaster.的方式，信息储存和结构需要认真加以实施，以避免播下种子的灾难。

Storing this data centrally and then linking into a variety of databases is a security concern.这个数据存储中心，然后连接到各种数据库，是一个安全问题。 Other countries such as France and Italy have stipulated that biometric information is stored only on the cards themselves - thus still within the possession of the individual.其他国家如法国和意大利的规定，生物信息是只会储存在卡本身-因此，仍然在拥有个人。 If it is stored centrally, then the biometric data must be stored separately from other personal data.如果是中央储存，然后生物数据必须分开存放从其他个人资料。 This would make it harder for any hacker to join up the dots and steal someone’s identity or clone a card.这将使更难任何黑客加入了点，窃取别人的身份证或克隆卡。 Back-end systems should enable an audit trail of those personnel who have accessed individual records on those back-end systems.后端系统应使审计线索这些人员已经进入谁的个人记录，这些后端系统。 Even so, I still believe it’s all going to end in tears.即便如此，我仍然认为这是所有去年底在流泪。