“The main concern with ID cards is forgery” said TSSI’s chief operating officer Stewart Hefferman. “The government has chosen biometrics to prevent this, but it needs careful implementation. Biometrics alone will not prevent forgery, and with it, fraud.
“Despite strong encryption, the Dutch biometric passports have already been hacked. What if someone hacks the UK system and uses this to forge cards? Obviously this would make a mockery of the whole ID card system. The government needs to tread carefully with the implementation of these cards, or the seeds of disaster will be there from the making.”
Hefferman believed the solution to the problem was to store the data as an algorithmic encryption to make it impossible for even the most sophisticated fraudster.
“A second major concern is – why on earth does individual information need to be stored on both card and central database? We do not understand why they need to do this, unless they are planning to extend the usage of the cards in future, which is a major concern for the civil liberty groups.
“We strongly advise that the back-end system enables an audit trail of those personnel who have accessed individual records. This is crucial to enable the government to identify if individual details were breached and thus make it easy to identify fraudsters and trace them.”
