Feeds

IPS leak suggests ID card fingerprint chop

Prints might just be needed for 'special' groups

High performance access to file storage

A key component of the UK ID card scheme, the central database of fingerprints, may be abandoned, according to a leaked Home Office document obtained by the Observer. The document doesn't suggest entirely scrapping fingerprints, but instead suggests that their value should be assessed for each group of the population enrolled.

So how does that work? Well, for the ID scheme as originally planned, it clearly doesn't. From David Blunkett onwards Home Office ministers have presented biometrics as the system's USP, the one single factor that makes it entirely certain (in their view) that you are who you say you are. And, they have claimed, the ability to check those biometrics against a central register would give us the 'gold standard' of identity. But if you don't necessarily collect everybody's fingerprints, then you don't have a complete national biometric register, so you might as well save yourself a pile of money, chuck away any notion of online biometric checks as a matter of routine, and forget any ideas you still had about a national biometric register.

Quite a few of the claimed 'benefits' of the ID scheme go out of the window if you do this. The police cannot trawl the register in order to match crime scene fingerprints, nor can they use their mobile fingerprint readers to identify you or to prove that you are who you say you are. Effectively, the ID card would be chip-backed picture ID, with the security of the chip only of value in circumstances where a reader was used.

Except, apparently, for some groups. Immigration Minister Liam Byrne recently reiterated his commitment to issuing the first biometric ID cards to foreign nationals from November of this year. Having this group carrying biometric ID cards makes sense to the government, in a racist sort of way, because it should already have biometrics for many of them via the biometric visa programme. But not all foreign nationals require a visa, so perhaps not all foreign nationals will turn out to require an ID card - at least initially.

But even if the Home Office were to abandon ID card fingerprints for everyone bar the foreigners it's fingerprinting already, it would still ultimately be fingerprinting most of the rest of us, as the Identity & Passport Service (IPS) is currently scheduled to start collecting fingerprints at passport renewal from 2009. The UK isn't a Schengen signatory and therefore isn't obliged, as the Schengen states are, to add fingerprints to passports, but has committed to do so.

Which presents us with a puzzle. The ID card has up to now been envisaged as, effectively, a small format passport - you collect the biometric data for the passport and squirt it onto the passport chip and the ID card chip, same thing, different shapes. But there's always been a need, if the ID card is to be universal, to collect biometric data from that part of the population that doesn't have a passport. And if you're not going to do that, then the passport and the ID card start to become different beasts, with the passport the ID that's more strongly tied to the individual, and the ID card being rather less so.

The picture is not wholly coherent, which is as one would expect from an organisation looking for savings and shortcuts in a desperate attempt to salvage something from the ID card disaster.

Meanwhile in separate leaks, the Home Office is considering beating young drivers with a stick to get them to sign up for ID cards. Well, sort of - see here. ®

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Big Content goes after Kim Dotcom
Six studios sling sueballs at dead download destination
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
Singapore decides 'three strikes' laws are too intrusive
When even a prurient island nation thinks an idea is dodgy it has problems
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.