People 'can't wait for ID cards'

I think you know my arguments quite clear enough seeing as you've been at my throat about ID cards for about five months now, but to humour you I'll summarise.

1. Control borders by identifying who should be here and who shouldn't.
2. Controlling ID fraud by requiring production of ID card and correlation of information with back-end database.
3. Controlling benefit fraud by requiring production of ID card and correlation of information with back-end database.
4. Speeding up identification issues for the police and courts.
5. Helping prevent terrorism by cutting down on fake travel documentation and fake credit cards / bank accounts.
5. Helping prevent crime by cutting down on fake travel documentation and fake credit cards / bank accounts.
6. Helping trace wayward parents for the CSA to reduce state payments.
7. Speeding up immigration resources by identifying previous failed asylum seekers / overstayed visas, etc.
8. Helping the countless millions who don't currently have Id prove their identity when opening bank accounts etc.
9. Help reduce money laundering by having all bank accounts verifiable to an identity.
10. Cutting down on health tourists that shouldn't be draining our NHS
11. National fingerprint database for crime prevention ( )

1. Fake passport from any EU country negates this.
2. Fake ID cards will be common place and unless access to the database is granted to all commercial organisations ID cards won't help one tiny bit.
3. Fake ID cards will be common place and unless access to the database is granted to all government departments with low level staff having sensitive access ID cards won't help one tiny bit.
4. Yes assuming the cards have foolproof identifiers and we discussed the impracticality of that a while back, biometrics aren't foolproof with a large sample size. You also assume that cards can't be faked and every copper and court admin person will have and be trustworthy with database access both of which are absurd.
5. Easy enough to get convincing fake passports and would you really want every bank and CC company to have database access? Plus no more applying online/by post, would have to be in person.
5a. As 4 and 5
6. How? Unless you had to produce and scan an ID card when buying anything as trivial as a bus ticket and the scans connected to a massive tracking database for all cards then people could disappear as easily as now.
7. You assume all entrants to the country would be forced to get a card, that would be tricky to get any foreign national to do especially anyone with an EU passport real or fake.
8. Everyone already has a Birth Certificate and NI number, plus to be issued a card you would have to prove your ID which can be faked, that's a silly assertion.
9. Banks with sensitive database access again? ID cards will be faked in massive numbers.
10. EU citizens are already entitled to medical treatment and cards can be faked, again biometrics aren't reliable.
11. Crime is commonly perpetrated by repeat offenders who've already been fingerprinted, plus of course gloves are rather cheap.

You are clearly as gullible as Jacqui Smith.

I think it IS Jacqui Smith.

The road to Hell is paved with good intentions...

Beware the Law of Unintended Consequences...

Just a couple of points from Earlier

(a) they'll be fakeable
As I said, the database is where you maintain your integrity

And we have all seen how well maintained all the government databases are. Look at the tax credits database. People wrongly paid and/or overpaid. I doubt this is holding anywhere near as much data as the ID cards one.

(b) in order to get one you need the CURRENT I.D. which proves who we are. If this isn't good enough already, how will the new card be?

We don't have a current form of I.D. we have a driving licence and a passport that are used as forms of identification. The ID card may be circumvented by a wrong 'un, but that'll only happen once due to the biometric data. When you're on it, you're on it.

How do you confirm that the person applying for the ID card is who they say they are. So a person with a stolen/faked passport applies for a card and gets one, what happens to the real peroson whose identity has been stolen?


(c) the database behind it will loose people's data, so it WONT identify correct people (see point (e))

A database does not lose data, human error causes data loss.

First of all, no system is foolproof. Systems do fail and do lose data. Also, you admit that the human element of this system can lose data - surely that is a huge flaw in the whole thing. If they can't keep our tax data secure why do you trust them with our biometric data?

(d) people will HAVE to pay for the pleasure of all this as you MUST have one (and must have the current I.D. in order to get one! )

I have no problem with that

I do. If you have not got a passport or driving license then you have to pay to get one or the other before you then have to pay for the ID card.


(e) the database behind it will be written by EDS so it'll take 10 years and £10billion for the privalge of (c) and (d)
Is that straight from the horse's mouth is it? Considering that 'writing the database' as you put it hasn't been tendered yet. Although Thales SA did win the tender to create the protoype register, but why let fact get in the way of your fantasy.

The fact remains that there are only a handful of IT companies who could be used to create this. Their track record and that of the government in terms of managing these projects is shocking.

I remember when government departments wrote their own software. It generally did what they wanted it to do.

1. Fake passport from any EU country negates this.
I believe part of the Schengen open borders policy is that all member states have to have introduced Biometrics into their passports. I think this was initiated by the US after 9/11. Link

The new EU wide e-passport systems use a mechanism called 'passive authentication' to detect unauthorised changes of data on the chip. A document security object, or 'SOD', is stored in the chip, which contains between two and 16 mathematical values (check values), used to check whether the passport data has been altered. The collection of values is signed using a digital signature. The signature and the public key of the signer, used to check if the signature is correct, are also in the SOD file.

The e-passport system checks if the digital signature in the SOD has been signed using the public key in the SOD, and whether the public key is owned by a bona fide country. To do this, an International Civil Aviation Organization (ICAO) service called the Public Key Directory (PKD) will be used.
Link

I believe there is a current exploit being talked about that can bypass some of these checks on an approved system, but if the exploit is confirmed then I'm sure that the software will be patched.

Anyway, Europe is going to require Biometrics for all non-EU members entering the EU.
Link

I'm not trying to say that the system is failsafe right now, it's only in its infancy, but give it 10 years and I bet it's working. The US and EU are spending billions on the technology.

2. Fake ID cards will be common place and unless access to the database is granted to all commercial organisations ID cards won't help one tiny bit.
I doubt fake ID cards will be common place. A commercial organisation doesn't require modify rights to a database to query it. Alternatively details can be faxed across to a government department for clarification if anything flags up, for example in a mortgage application.

3. Fake ID cards will be common place and unless access to the database is granted to all government departments with low level staff having sensitive access ID cards won't help one tiny bit.
You don't need to be able to write to a database to query it. I also believe that people with modify permissions to the database will be cleared.

4. Yes assuming the cards have foolproof identifiers and we discussed the impracticality of that a while back, biometrics aren't foolproof with a large sample size. You also assume that cards can't be faked and every copper and court admin person will have and be trustworthy with database access both of which are absurd.
ID cards will contain 10 fingerprints (where possible); (possibly) Iris; photo; personal details; i.e D.O.B, address, and PIN. The chances of a false positive on all points is absurd, the chances of a false negative with all that information there is also extremely slim. Again, the court admin and police officer does not need to have the ability to modify data in the database to query it.

5. Easy enough to get convincing fake passports and would you really want every bank and CC company to have database access? Plus no more applying online/by post, would have to be in person.
5a. As 4 and 5
Yes all checks will have to be done in person, that's unfortunate in this day and age, the days of trusting a signature on the back of a photo are long gone. Please see point 1 about the passports, my contention is that with Biometrics, you may be able to intercept a passport and clone it, but you won't be able to modify any of the information. Scenario:

Traditional Scam
Obtain detailed background documentation on a person
Send off for a passport application

EPassport Cloning
Bribe a postie
Research the people in the postman's area
Obtain passport letters, brute force attack the RFID chip
Construct a replica passport with a cloned ID chip
Find someone who looks similar to the passport user to use the passport

6. How? Unless you had to produce and scan an ID card when buying anything as trivial as a bus ticket and the scans connected to a massive tracking database for all cards then people could disappear as easily as now.
Last known address, benefit office, driving licence details, car insured, mortgage application etc. It gives you a starting point to conduct more enquires

7. You assume all entrants to the country would be forced to get a card, that would be tricky to get any foreign national to do especially anyone with an EU passport real or fake.
See point 1

8. Everyone already has a Birth Certificate and NI number, plus to be issued a card you would have to prove your ID which can be faked, that's a silly assertion.
Neither of which are means of photographic identification. I'm glad you brought up the NI though, we're all already on a National Identity register, all they're proposing to do is add some more details to it.

9. Banks with sensitive database access again? ID cards will be faked in massive numbers.
See point 2.

10. EU citizens are already entitled to medical treatment and cards can be faked, again biometrics aren't reliable.
See point 1

11. Crime is commonly perpetrated by repeat offenders who've already been fingerprinted, plus of course gloves are rather cheap.
I threw that in to really put the cat amongst the pigeons, especially when the DNA database is linked up to the register as well.

ID cards? What a hoot! It's as easy to get across an island's borders as falling off a very slippery log. Boats - our nemesis!

I thought Doctor Who was your nemesis?