U.K. Identity Card Will Make Fraud Easier, Expert Says

Mon Apr 26 20:34:51 PDT 2004

<http://quote.bloomberg.com/apps/news?pid=10000102&sid=a7DltmImQUYE&refer=uk>

Bloomberg

ines Expanding European Union in Economic Competitiveness Study

 Amvescap, BAE, BP, BAT, Ferraris, Solitaire: U.K., Irish Equity Preview

 Royal Mail Group Seeking Permission to Price Letters by Size, Not Weight

 April 27 (Bloomberg) -- A U.K. identity card will not prevent terrorism
and may make identity fraud easier, a leading security expert says,
undermining the case for the cards made by Home Secretary David Blunkett.

 Blunkett on Monday set out plans for a national identity card featuring
``biometric'' measures such as fingerprints and iris scans to be introduced
in 2007. A six-month trial of biometric recording and verification,
involving 10,000 volunteers, has just begun.

 He said an ID card would protect Britain from terrorism, identity fraud
and ``benefit tourism'' - people visiting the U.K. to claim welfare
payments.

 ``An ID card makes ID fraud easier because it's a one-stop shop,'' said
Bruce Schneier, a security expert and author of Beyond Fear: Thinking
Sensibly About Security in an Uncertain World. ``My fear is that once you
have a credential that everybody trusts, faking it becomes so much more
valuable. There will be a false sense of security and you can abuse that.''

 In an interview with the BBC in London on Monday, Blunkett cited
information from the security forces that 35 percent of terrorists had used
fake IDs.

 ``How is this going to help?'' said Schneier, who has testified on
security before the US congress, from California. ``Let's pretend he's
right, and let's pretend the card is 100 percent successful. So now there's
no terrorists using fake IDs. Does it reduce the threat of an attack? No.
They will just find another way. Any anti-terrorist measure that forces a
terrorist to change his tactics in a meaningless way is a waste of money.''

 The Home Office said in a statement that because the new cards would use
biometric measures, the system would identify people trying to apply for
multiple cards under different names.

 ``Biometrics won't stop me getting a card in your name,'' said Schneier.
``Pictures are a biometric, and we use pictures on cards in the US and
fraud happens all the time. What's new is biometrics being checked by
computer. Is your computer reliable? Mine isn't.

 ``The operators who run the computers are bribeable. What does it cost to
bribe someone to go into a database and change the fingerprint?''

 The plan to introduce a compulsory identity card for the first time since
the cards were scrapped after World War II has met resistance from other
member's of Prime Minister Tony Blair's government, including Trade and
Industry Secretary Patricia Hewitt. Parliament will be given a vote before
the cards are made compulsory in 2013.

 ``The whole point of this trial is to see what glitches we uncover,'' the
Home Office said in a statement Replying to Schneier's criticisms. ``We
will work to make the system as secure as possible.''

-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'