
Flogging the dead horse of security

I read an interesting article last week by Edward Felten about a proposal to incorporate RFID chips in US passports: Edward W. Felten, “Why Use Remotely-Readable Passports?”

Yesterday at CFP, I saw an interesting panel on the proposed radio-enabled passports. Frank Moss, a State Department employee and accomplished career diplomat, is the U.S. government’s point man on this issue. He had the guts to show up at CFP and face a mostly hostile audience. He clearly believes that he and the government made the right decision, but I’m not convinced.

The new passports, if adopted, will contain a chip that stores everything on the passport’s information page: name, date and place of birth, and digitized photo. This information will be readable by a radio protocol. Many people worry that bad guys will detect and read passports surreptitiously, as people walk down the street.

This is a remarkably stupid idea that has little to no tangible benefit and will most likely compromise security and enable identity theft. The only possible reason for this proposal is that some technology company seeking a government contract convinced someone that it was a good idea and no one in the process could understand the repercussions if it were to be implemented.

There clearly is a problem with identity theft and the forgery of identity documents such as passports, so governments seek solutions to improve security. As you would expect, they seek advice from experts in the field. Unfortunately, they seem to be ignoring the advice of independent experts, whose advice is that there is no technological solution to the problem, and taking the advice of industry experts, which typically will be technology companies seeking to sell the government a solution.

Take for example the intention of the British government to include biometric data on the proposed National Identity Card.

Biometric data systems simply are not capable of working on the sort of scale that the proposed national identity card system would require them to.

They are good enough for their primary application, which is to verify that, for example, the iris scan of an individual matches, within a certain threshold, the biometric data held on the person’s ID card.

But the system also would be required to prevent an individual being able to get a second ID card with different identity details. The proposed method of doing it would be to check that the individual’s biometric data isn’t already listed against an identity in the national identity database.

In February 2003 the National Physical Laboratory performed a biometrics feasibility study on behalf of the Home Office, DVLA and the UK Passport Service.

They studied the feasibility of the use of recognition systems for face, iris and fingerprint on the scale needed to cover the population of the UK. No biometric system is perfect and a balance needs to be found between false matches and false non-matches.

A false match is where the biometric template of an individual is matched to that of a different individual, i.e. Vera Duckworth of Manchester is falsely recognized as Pauline Fowler of London.

A false non-match is where an individual is scanned and is not matched to their own biometric template, i.e. the system has failed to recognize them.

Iris recognition was found to be the best method of distinguishing between individuals.

The results for the iris recognition part of the study were that iris recognition can achieve a false match rate of better than 1 in a million with a false non-match rate of below 1 in 100.

For the current UK population of 60 million, a random individual would be falsely matched with, on average, 60 other individuals in the national database, plus would have a slim chance of not being matched against their own data.

With such a high chance of false matches (in fact it is practically a certainty that every individual will falsely match with another) there is no way to discern the difference between a false match and a true match for an individual who is applying for an ID card with a fake identity. Biometric technology clearly isn’t up to the job of preventing multiple legitimate ID cards being issued to an individual until there is no possibility of matching with another person.
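The scaling argument above can be worked through numerically. The following is an added example, not code from the post or from the NPL study; the function names are hypothetical, and it assumes every comparison is independent with the same per-comparison false match rate.

```python
import math

def dedup_search_stats(fmr, fnmr, database_size):
    """One applicant searched against every enrolled template (1:N de-duplication).

    Assumption: each comparison is independent with the same false match rate.
    """
    expected_false_hits = fmr * database_size
    # P(at least one false hit) = 1 - (1 - fmr)^N, via log1p/expm1 so tiny
    # rates do not vanish in floating-point rounding.
    p_any_false_hit = -math.expm1(database_size * math.log1p(-fmr))
    return {
        "expected_false_hits": expected_false_hits,
        "p_any_false_hit": p_any_false_hit,
        # A genuine second application matches its own earlier record
        # unless a false non-match occurs.
        "p_true_duplicate_flagged": 1.0 - fnmr,
    }

def enrolment_false_hits(fmr, population):
    """Expected false hits while enrolling everyone one by one: the k-th
    applicant is compared with the k-1 people already in the database."""
    return fmr * population * (population - 1) / 2

def required_fmr(database_size, max_p_any_false_hit):
    """Per-comparison FMR needed so a single search raises a false hit
    with probability at most max_p_any_false_hit."""
    return -math.expm1(math.log1p(-max_p_any_false_hit) / database_size)

if __name__ == "__main__":
    UK_POPULATION = 60_000_000      # population figure used in the post
    FMR, FNMR = 1e-6, 1e-2          # bounds quoted for iris recognition
    print(dedup_search_stats(FMR, FNMR, UK_POPULATION))
    total = enrolment_false_hits(FMR, UK_POPULATION)
    print(f"false hits over full enrolment: {total:.3g}")
    target = required_fmr(UK_POPULATION, 0.01)
    print(f"FMR for a 1% false-hit chance per search: 1 in {1 / target:,.0f}")
```

Under these assumptions a genuine duplicate is flagged 99% of the time, but it arrives alongside roughly 60 false hits, and a false match rate of about 1 in 6 billion would be needed before a single search produced a false hit only 1% of the time.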

Undoubtedly technology will improve over time, but will it improve to the required extent? It has a long way to go to do so.

The worst thing about biometrics is the faith in its infallibility. Your biometric template is nothing more than a body part reduced to a long stream of numbers; it is merely a fancy password, and it’s one that can never be changed. The proposed system treats the biometric template as the core of your identity, with all the other information about you, such as your name and address, of secondary importance.

If the details of your biometric template can be stolen and accurately faked then your whole identity can be stolen.

Shit, I’ve gone into rant mode. The gist of this was supposed to be that politicians cannot be expected to be expert in all fields and justifiably must make decisions based upon the advice of experts. But they must listen to all the advice from all sides, even if it isn’t what they wish to hear, as decisions must never be based solely upon the advice of companies seeking a huge government contract.

There is a cynical part of me that believes that the reality is probably that politicians are being unduly influenced by such things as campaign contributions and are awarding contracts not based on outside advice at all.


By Matt Wharton

Matt Wharton is a dad, vlogger and IT Infrastructure Consultant. He was also in a former life a cinema manager.
