Feeds

Fingerprint the expats! FCO plans phase two biometric passport

Cross-Channel loophole to close by 2010

SANS - Survey on application security programs

Plans to add fingerprints to UK overseas passports are under way, despite the cost and complexity involved in gathering biometrics from UK citizens across the globe, a parliamentary answer revealed last week. Passports issued by the Foreign & Commonwealth Office are already "biometric", but only in the somewhat minimalist sense required by ICAO - the addition of fingerprints, however, would pull overseas UK residents into the National Identity Register net, closing off a prized but little-known escape route.

According to an answer obtained from FCO Minister Geoff Hoon by Liberal spokesman Vince Cable, the FCO "Secondary Biometrics" project commenced this month, and is due for completion by October 2010. It has not yet, Hoon revealed, been either scoped or fully costed.

The FCO's passport issuing function is generally carried out via local embassies and consulates to cater for UK citizens resident outside of the UK. The biometric passports currently issued by these simply use a digitised version of an ordinary passport photo (which, if you get lawyerly, is technically a 'biometric' anyway), so relatively low-cost and civilised transactions can be carried out by post. Citizens obtaining their ID via this route also, possibly, have some protection from the full impact of the Database State, because those not resident in the UK (by the definition of the ID Cards Act, in the country for three months or more) are specifically excluded from the NIR. But only "possibly" because data on individuals gathered via overseas applications will still make its way into the system.

Fingerprints, however, will require attendance in person somewhere. Where? The UK is already involved in rolling out a biometric visa system, currently prioritising countries seen as a higher risk of illegal immigration. The programme is not however particularly advanced, and these countries are not the same as the ones with the highest concentrations of UK expats. The thinking (perhaps an overly flattering word) currently seems to be to outsource application processing to external organisations wherever feasible, but as we've yet to hear reports of major catastrophe, fraud and incompetence, presumably this isn't happening much yet.

The EU biometric passport, resident permit and visa plans parallel those of the UK, and given that the EU as a whole intends to add fingerprints to passports, the EU as a whole should also in the fullness of time have a non-resident biometric collection issue to address. And there are also plans for a global EU visa issuing network so, if the UK could stomach it and the other countries would let it (the UK is not a Schengen signatory, remember), the FCO could possibly hitch a lift on that. But neither of these is a foregone conclusion - the question of whether, or to what extent, the EU should have embassies, a foreign policy and a foreign service gets sucked into the equation.

So the FCO's scoping of the secondary biometric project has some tricky questions to answer, and the opposition might do well to ask how it's going every now and again. It'll have to move some in order to be in place by 2010.

Vince Cable's question, however, was directed at general FCO IT costings rather than being aimed specifically at biometrics. You'll note from the answer that, with the exception of Prism, the long-running FCO ERP cockup (which despite Hoon's current claim of £81.9 million was supposed to cost £53 million in 2002), most of the projects were started too recently to have shown major delays and overruns. Note however the relatively paltry cost of the current "biometric" FCO passport programme, and the bracing £121.7 million to be spent on biometric visas between May 2005 and December 2007. This, which already shows a 20 per cent overrun, is clearly the most intensive piece of IT spending on the FCO's budget. ®

Top three mobile application threats

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.