Many experts in biometrics say the aims outlined by the Home Secretary David Blunkett last week for the ID card scheme (Computing, 13 November) have already raised doubts over whether the system can be delivered in the form proposed. Central to the plans are five specific objectives - the prevention of terrorism, tackling ID fraud and serious organised crime, countering benefit fraud and illegal working - a brief many experts claim is far too wide to guarantee meaningful success, especially with ongoing concerns about the Government's ability to deliver large IT projects.
Part of the problem is the Government's focus on using ID cards for restrictive purposes rather than as positive devices to enable online public services, says Nick Kalisperas, egovernment programme manager at supplier trade body Intellect.
Kalisperas has been outlining the potential benefits ID cards could have for egovernment generally and also how the availability of new technology could foster a range of electronic retail activities.
Storing ID card information with the Sim card of a mobile phone and taking advantage of new technology being developed by Philips, called Near Field Communications, would turn a mobile into an effective electronic wallet.
Research already indicates that people are happy to use PIN numbers on their mobile phones, relate to them as personal devices and would not be resistant to a biometric identifier.
Smartcards represent another possible technology solution, says Peter Cattaneo, Sun Microsystems director of Java Card Business. He says much of what Blunkett wants to achieve can be done very easily on a 32kb smart card - with a biometric, ID and driving licence information and a health record only taking around 7kb of storage.
Belgian authorities have already gone ahead with an electronic ID scheme, but one based on the use of ID as an egovernment enabler.
Bart Vansevenant, director of European security strategies for Ubizen, which runs the Belgian scheme, says the aim was simply to develop access to Government services electronically.
He says the UK proposals seem to be a response to US anti-terrorism measures - US authorities are introducing a requirement for visitors to have a biometric-enabled passport by October 2004. He says the Belgians advised the UK to follow the idea of ID cards for government-enabling.
'The amount of people you catch will not be worth the price of the infrastructure,' said Vansevenant.
'The reasoning of the UK is all following 9/11. If you look at this from a distance and look at the goal I'm afraid a lot of money will be wasted and that the real cost will be much higher than any of the figures currently being suggested.'
Some critics claim there are still shortcomings with the biometric technology being considered.
Iris scanning is expensive, and can be affected by medicines and illness and more importantly tends to be difficult to perform on particular racial groups.
Fingerprints can be susceptible to occupational hazards with bricklayers and stonemasons particularly prone to wearing away their markings and the weekend DIY expert susceptible to cuts and scrapes on their fingers.
Even face recognition systems often need a person to replicate the pose they originally struck for the photo.
Iris scans make a mistake once every five million readings, which is not a problem on a small-scale systems but given the likelihood that using ID cards to guarantee identity would be adopted by the business and retail sectors, those error rates would be overshot on a daily basis.
Similar error rates are encountered by other computerised systems.
Peter Dorrington, head of fraud solutions at data analysis specialist SAS, says the ID card is certain to become universally requested by business.
Dorrington says the real Achilles heel of the current thinking on ID cards is the creation of a central database and the use of information.
'If there is a central database it will present a new and undreamt of opportunity for crime. The larger the network, the more difficult it is to protect with the need for a matched level of investment to protect the infrastructure,' he said.
Focus is the key, says Dave Birch of Consult Hyperion, a digital identity consultancy that advised on the Hong Kong ID card system which has the simple goal of controlling population movements across the Chinese border.
'If this technology were used in the right way it could be very positive, it could actually be privacy enhancing,' he says.
In the Belgian ID card scheme, the aim is to foster contact with Government services. Birch says that in the UK most contact by the citizen with Government is at the local level with over 50 per cent of transactions involving booking leisure centre facilities. People become suspicious when the Government tries to extend and centralise that contact.
'If you put too much information in a central database then at some point someone is going to make the case that they should connect to it for some other purpose,' said Birch.
Quelle: Computing, 19.11.2003
