TSSI raises concern over ID card scheme

Identity specialist TSSI has branded the new government-led ID card scheme to launch in Manchester as premature. In a speech made today, (covered in the BBC article ‘Manchester launch for ID cards’) Home Secretary Jacqui Smith has stated that anyone over 16 in the city with a UK passport will be able to apply for a card from the Home Office from Autumn 2009. “The scheme works on the assumption that people will apply on a voluntary basis although it is not entirely clear what the immediate real benefits to members of the public are,” said John Barker, General Manager, TSSI Systems Ltd.

“It is estimated that the ID cards will cost between £30 and £60 each to produce at a time when the government is focused on curbing public spending. Advocates of the scheme point to the benefits of personalised public services, but this relies on the appropriate supporting systems being in place which could take up to five years to develop.”

“The estimated cost of the project to the Home Office is about £5 billion, but Dr Whitley of the London School of Economics estimates that the last four years has already seen astronomical costs of between £10-20 billion. With spiraling costs it seems that the government has already bitten off more than it can chew.”

“One of the arguments for the introduction of ID cards is that they can help combat impersonation, ID theft and fraud. However, the Government’s proposed ID card scheme does not go far enough to address this issue. Stronger verification technology needs to be in place. Biometric technology alone does not suffice to prevent fraud. For example, the Dutch biometric passports were cracked soon after launching, despite strong encryption. Unfortunately, there is no such thing as a 100 per cent secure solution — and saying you’ve got one is an open invitation to hackers! All you can do is minimise the risk as far as possible.”

“What’s needed if the ID card scheme is to work is a belt and braces approach. Storing the data as an algorithmic encryption makes it impossible for even the most sophisticated fraudster to read or substitute. Even authorised personnel — and therefore any successful hackers – would only be able to view binary code, and not the finger, iris or facial data itself. They would also be unable to replicate the algorithm to clone the card. However, this method of encryption goes beyond the scope of the ID cards currently proposed.”

“With the UK in the midst of a recession and projected cost of the scheme seemingly escalating as well aspotential gaps in the security of the technology, is this really the right time to be launching an ID card scheme?