Written by Technorati Tags: government, ID cards, identity, privacy, security
I’m sure the Identity & Passport Service (IPS) will prevent any similar frauds from occurring in the UK, but it might a precaution to design a system that makes this kind of fraud difficult. One of the ways to do this — as Neil McEvoy will be pointing out in his talk at the European e-Identity Conference in Paris in a couple of weeks — is to make a scheme symmetric. In other words, it should be as easy for a citizen to verify a policeman’s identity claims as it is for a policeman to verify a citizen’s identity claims. In particular, if the illegal immigrants in the previous example had been able ot use their mobile phones to validate the ID cards of the “NGO” workers, or indeed the “ID cards” that were being issued to them, the fraud wouldn’t have been possible. Since the proposed UK ID cards have a contactless interface, I imagine the IPS will make a freely downloadable phone application for citizens with NFC phones to use for precisely this purpose: a phone can easily check a digital signature given up by the ID card to confirm that it is real.
Incidentally, if anyone happens to be passing through Hemel Hempstead this evening, I’ll be giving a talk at the British Computer Society on an alternative national identity scheme founded on these kinds of privacy-enhancing technologies, and always welcome constructive criticism.
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]
