Feeds

Thought you didn't need to show ID in the UK? Wrong

Your papers please. NOW

Mobile application security vulnerability report

Edges that can be subverted

The SIM tattoo adorning Reg hack Bill Ray's hand – no word yet on whether he plans to upgrade it to a nano-SIM, nor whether it will ever be accepted as legal ID.

Heath, who campaigned against the last government’s ID card scheme, didn’t have either to hand, but got in anyway: “The kind staff organising the event made special efforts on my behalf. So the system has edges which can be subverted,” he wrote at the time.

It’s surprising how much those edges can be subverted. A 2004 speech by home secretary David Blunkett, talking up his ID card scheme and supposedly requiring photo ID for access, was accessed by Phil Booth, then national co-ordinator of NO2ID. He did this while carrying a smouldering stick, that had until recently supported a giant ID card which Booth had burnt outside the venue.

Getting a drink in Newquay if you look under 25

Older Register readers may not realise it, but getting a drink these days for 20-somethings generally requires the use of something that looks much like an ID card. Under the Challenge 21 and Challenge 25 schemes operated by pubs and retailers, anyone who looks under 21 or 25 (depending on which version an outlet has signed up for) has to prove their age.

However, almost every seller of alcohol and other age-restricted goods will accept a relatively cheap Proof of Age Standards Scheme (Pass) card as an alternative to a passport or driving licence. Pass, set up in 1998 with the support of the Home Office, police and trading standards departments, licences 17 providers to issue cards with photos and holograms, costing around £15. As the scheme’s website points out: “Young people are rightly concerned about taking valuable documents such as passports with them on a night out, because of the inconvenience and expense to replace if lost or stolen. If they fall into the hands of criminals they can represent a real security risk.”

But Newquay in Cornwall only accepts passports and driving licences, under its Newquay Safe partnership. This was launched in July 2009 after two young men died after falling from cliffs, with the police blaming alcohol.

The town has taken a hard line in tackling its reputation as a teenage party centre. Police “meet and greet” incoming trains and planes with dogs and drug detectors, confiscating alcohol from under-18s; parents may be called to collect inebriated youngsters; and the authorities will write to parents and schools about any interactions, so “making sure that what happens in Newquay does not stay in Newquay”. Mad-for-it holidaymakers even risk arrest or exclusion for wearing offensive clothing – or carrying offensive inflatables – if they don’t co-operate (presumably by removing, or deflating, the offensive items).

While Newquay’s strict rules can be understood as a reaction to the tragic results from underage drinking in the town, why not accept Pass cards given they are designed to make it easier for young people to prove their age? Rob Andrew, joint project manager for the partnership, says that the town’s venues saw the wide range of Pass-approved card designs as confusing. “The feeling among the trade was the Pass card was open to abuse,” he says. “If you’re working at night with a big queue, you don’t want to check each one.”

Andrew says that Newquay’s requirement for a passport or driving licence is widely publicised, and adds that when parents ask why their offspring have to bring a valuable document, the partnership responds that if you don’t trust them with that document, why trust them to go away alone? With financial support from the Home Office, some of the biggest venues in Newquay have also installed scanners for passports and driving licences. These are designed to spot fake documents, those belonging to youngsters on banned lists – and those who are already inside the venue, as one trick involves adults trying to share their IDs with similar-looking but under-age siblings. Around 3 per cent of those trying to get into the venues in question have been stopped by the machines, Andrew says.

And finally… over the sea to Orkney and Shetland, ID-free

Sometimes, rules get lifted rather than imposed. On 22 November 2012, ID checks were lifted by NorthLink Ferries for its sailings between mainland Scotland and the Northern Isles of Orkney and Shetland.

It is fair to say that these checks, introduced on 1 May 2008, were not exactly rigorous. Under-16s were exempt, and as well as the usual passport and driving licence options, NorthLink accepted its own ID cards, young people’s and travel concession cards, photo bank cards and some employee photo ID cards, among others.

“This will enable positive identification at check-in and to ensure the safety and security of all our passengers, crew and vessels,” NorthLink’s website used to claim.

Leaving aside the question of how this would ensure safety and security was the question of why this particular line alone needed to see ID. It is not generally required on Scottish ferry routes, including others run by Caledonian MacBrayne, the government-owned operator which ran NorthLink at the time. A rival privately-owned line to Orkney, Pentland Ferries, boasted about its lack of ID checks. And even ferries between the UK and the Republic of Ireland require only the production of that well-known high-security British identity document, the utility bill.

However, thanks to outsourcing giant and unlikely champion of freedom Serco – which took over NorthLink last year – photo ID is no longer required, except when picking up some pre-booked or discount tickets. “Halting the need for photographic identity cards will make it easier for people to make spontaneous visits. It also makes the Northern Isles feel welcoming and inclusive from first impression,” said NorthLink’s MD Stuart Garrett, also announcing nicer seats, better showers and Wi-Fi… and “a bigger bar”.

We’ll raise a cup of kindness yet, for the sake of ID-free ships to Stromness, Kirkwall and Lerwick. ®

SA Mathieson is the author of "Card declined: How Britain said no to ID cards, three times over"

Mobile application security vulnerability report

More from The Register

next story
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
US Social Security 'wasted $300 million on an IT BOONDOGGLE'
Scrutiny committee bods probe derailed database project
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.