[Dave Birch] When you introduce new identity mechanisms, then you also introduce new identity crimes to go alongside them. Thus, introducing an identity card (to pick an obvious example) means that criminals will be attracted to obtaining them fraudulently and the hitherto non-existent crime of making bogus ID cards will naturally rocket. That’s human nature. If you were going to create a criminal enterprise based on bogus ID cards, who would you target? Probably the group with the least recourse to the law: illegal immigrants. This is exactly what has been going on in Malaysia, where a fake identity card issuing syndicate which cheated hundreds of illegal immigrants has been broken up by the police. You’ve got to admit though that they had more front than Buckigham Palace. The criminals operated under the guise of an NGO carrying out a census on the number of illegal immigrants in the state! Their actual motive was to issue the immigrants with an IC that looked similar to the Malaysian smart ID card Mykad (that we’ve discussed here before) at fees ranging from RM400 to RM800.

Technorati Tags: , , , ,

I’m sure the Identity & Passport Service (IPS) will prevent any similar frauds from occurring in the UK, but it might a precaution to design a system that makes this kind of fraud difficult. One of the ways to do this — as Neil McEvoy will be pointing out in his talk at the European e-Identity Conference in Paris in a couple of weeks — is to make a scheme symmetric. In other words, it should be as easy for a citizen to verify a policeman’s identity claims as it is for a policeman to verify a citizen’s identity claims. In particular, if the illegal immigrants in the previous example had been able ot use their mobile phones to validate the ID cards of the “NGO” workers, or indeed the “ID cards” that were being issued to them, the fraud wouldn’t have been possible. Since the proposed UK ID cards have a contactless interface, I imagine the IPS will make a freely downloadable phone application for citizens with NFC phones to use for precisely this purpose: a phone can easily check a digital signature given up by the ID card to confirm that it is real.

Incidentally, if anyone happens to be passing through Hemel Hempstead this evening, I’ll be giving a talk at the British Computer Society on an alternative national identity scheme founded on these kinds of privacy-enhancing technologies, and always welcome constructive criticism.

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]

Leave a Reply


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.
%d bloggers like this: