Feeds

ID cards: a guide for technically-challenged PMs

Save us all billions - don't do it, Tone...

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

Special Report Think about it - it wouldn't be compulsory if you had a choice, would it? David Blunkett's national ID card scheme has had more spikings than Dracula, yet each time has plucked the stake from its heart and continued its purposeful stride towards the statute book.

In early November the British Cabinet opted for voluntary schemes to build a base, with a compulsory scheme coming "when the conditions for moving to a compulsory card are met." Days later, there was Blunkett before Parliament making what sounded like a victory speech. With or without a green light for national ID cards the bulk of the cost is to be incurred anyway, he made it clear. The system is to be brought in for passports, driving licences and a series of special cases (overseas residents, asylum seekers...) anyway, so as Blunkett spun it there's only an extra £4 each to be incurred for the full scheme, so, what the hell, we might as well go ahead.

And just last week Tony Blair gave cards his seal of approval, claiming that civil liberties objections had been largely overcome, and that the main challenges now were technical. Indeed they are, Tony, but we fear you have little grasp of how big they are.

So how the blazes did this happen? Why is the UK sleepwalking into an ID scheme that has not been discussed, but that is nevertheless somehow moving ahead at full steam? And, for that matter, why is Europe doing so? The United States? The world?

We might as well do it, anyway

One of the other major components of Blunkett's standard 'we might as well do it anyway' presentation is the incontrovertible fact that Europe has standardised biometrics for ID roadmapped, and that the US will be requiring biometrics on passports shortly. These two having moved, there does seem a certain inevitability to the rest of the world moving as well. So, if biometrics are to become the global standard for ID, we're obviously going to have to invest in biometric systems for our ID documentation, which is why there's no point in asking people whether or not they want biometrics on their passports and driving licences.

Which is all perfectly logical, except that there's one little nagging question - how did biometrics become the accepted, logical, inevitable international standard for ID in the first place?

Well, it's obvious, isn't it? If your fingerprints are found at the scene of the crime, then you almost certainly did it, didn't you? And similarly, other apparently unique characteristics such as your iris, your DNA and so on can prove conclusively who you are, where you are, and where you've been.

This obviousness clearly drives David Blunkett. He is unshakably convinced that, as biometrics identify the individual with a high degree of certainty, it stands to reason that biometrics provide a sound foundation, probably the only sound foundation, for ID systems. On the one hand we shouldn't be too hard in him for this, because it's a conviction shared by much of the population, but on the other he is part of the team that supposed to be running the country, so it seems to us he has a certain responsibility to think it through. Just a bit.

Given that the alleged free world is already barreling down this route with little or no sign that anybody has paused to think it through, we don't hold out a great deal of hope that they'll do so now, meaning they're all going to have to learn the hard and expensive way. But just in case there is the odd politician out there still prepared to consider the possibility that it does not stand to reason, we here propose a short, readily-understood Register explication of why it does not, and why, if we don't wake up very soon, we will end up spending several billion on proving to ourselves it does not.

SANS - Survey on application security programs

Next page: Biometrics work

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.