Feeds

Clarke's ID card cost laundry starts to break surface

Hide the billions, levy transaction fees and voila! It only costs £30

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

According to Blair, "at the moment if you want to get your medical records online, you can't because of worries over identity. You would be able to do that" with an ID card, he said. He failed to explain how you would be able to do that, but his bringing the subject up suggests that the Government is considering tying online health record access to ID cards. Without further development specifically aimed at online identification, the ID card at them moment would have to use a PIN, and is about as secure as a credit card (or less so - if you're going to have a card stolen, which would you prefer, ID card or credit card?).

The contribution of private industry, Clarke's "other sources", is less clear, and during last week's debate Clarke, stressing that information on the NIR would not be for sale, placed limits on what could be done. "With the consent of the identity card holder - I emphasise that - banks or other approved businesses will be able to verify identity by checking an ID card against the national identity register," he said. "That would mainly involve confirming that the card is valid and has not been reported lost or stolen, and that the information shown on it is correct. The card holder's biometric details may also - with the card holder's consent - be confirmed against those held on the register."

These are not however limitations that need greatly impact the ID scheme's ability to make money from the private sector. If NIR checks prove valuable for, say, financial service providers, then they will require customers to give them permission in their application forms. And ultimately the service providers may not have a choice. The Government has stated at various times that it feels ID card reading capability could be built into future generations of credit card reader and ATM.

This is not a prospect likely to attract the banks and credit card companies right now, because from their point of view the current chip and pin system provides an adequate balance of convenience and security, and ID cards would simply introduce an extra complication. A simple local check of the validity of the card wouldn't establish the bearer's identity (it could be somebody else's credit and ID card and might convey a false sense of security to retailers), while online checks of biometrics would likely lead to false refusals, and thus reduced trade (and at the ATM, could raise the prospect of severed fingers).

But although the financial and retail sector is not going to volunteer for ID cards, there are areas where it could plausibly be volunteered. ID theft, which in this case is largely what we used to call credit card fraud, impacts on the individuals whose card/identity is stolen far more than it does on the credit card companies, so the public's concerns about ID theft could be harnessed to impose proof of ID requirements on the credit card industry. And once ID cards exist and are widely carried, the Blunkett principle that they constitute a simple and secure method for establishing ID, and therefore there's no excuse not to demand them, might be extended to retail. A legal requirement for proof of ID for transactions over a certain value could be implemented in the name of combating card fraud.

Not all of this will happen immediately, but the pressing and growing need to finance the ID scheme while keeping the cost of the card down to politically acceptable levels will mean that the Government will strive hard to establish revenue sources early on in the scheme. From the point of view of the individual, though, a card cost of 'only' £30 will be nothing to cheer about.

Other costs incurred by Government will be paid for via direct transaction charges and taxation, while the involuntary contributions made by industry will be passed on to the consumer. Economically speaking, if the ID scheme does not deliver savings and efficiencies to match its overall cost (which could quite easily exceed £20 billion), then we will be sucking a huge amount of money that would have been better spent on wealth creation out of the economy. 'Only' £30 indeed...

Clarkewatch: In his ongoing suicide mission (he's a sort of suicide bullshitter) to 'prove' that Government IT projects are not pants, and do in fact deliver the goods, Clarke used the Passport Office, which is now apparently delivering something close to what one might call a service, as an example. And then he cited the successful rollout of chip and pin. We could point that the latter, a networked megaproject, was carried out by private industry, but you no doubt spotted that yourself. What interests us more, however, is that on previous outings for the suicide mission Clarke had trotted out Airwave, the 'on time, on budget' secure digital communications system for the UK police.

At the time we thought it a little cheeky to claim a system that had severe rollout problems and remained crap at data as a successful IT project, and as Clarke's dropped this from his list of achievements it's possible somebody has had a word. However, evidence that Airwave remains crap at data is provided by Northamptonshire police's pilot of mobile fingerprint readers in conjunction with Automatic Number Plate Recognition (ANPR) systems.

Here, if your number plate leads police to make further enquiries, they ask you to 'voluntarily' undergo a fingerprint check against the police database using mobile fingerprint recognition. The systems Northampton deployed, however, used, er, GPRS. But there seem to have been a few problems anyway... Clarke, in any event, can't even get the message across to the rest of the Cabinet. Surveying the wreckage of the new environmental stewardship scheme, Environment Secretary Margaret Beckett says: "Tell me an IT scheme in the Government or the private sector that has been introduced without problems." Oops.

Security for virtualized datacentres

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.