About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion

License

  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

11 posts from February 2008

Identity thieves

By Dave Birch posted Feb 29 2008 at 10:46 AM

[Dave Birch] I've been thinking about identity theft because of a meeting I'm going to later on today and I was mulling over the different kinds of identity theft. It seems as if most of the identity theft we hear about is really just "simple" credit card fraud, but of course there are other bigger and potentially more serious kinds of identity theft. But, once again, I must ask to what extent those crimes are the super new 21st century crime of identity theft and to what extent they are old-fashioned deception. Here is a case in point. I'm pretty sure I saw this on The Real Hustle on the BBC a few weeks ago, so I wonder if this is where the perps picked up the idea?

A brazen swindle in Wheaton last week in which a man walked into a BB&T bank dressed as an armored truck courier and walked out with $574,500 in cash has been linked to a similar bank job the next day in Washington, authorities in Montgomery County said yesterday. Assistant State's Attorney Marybeth Ayres named Elizabeth K. Tarke, a teller at the BB&T branch, as a possible ringleader.

[From Teller Called Possible Ringleader in Two Bank Thefts - washingtonpost.com]

If you were going to pretend to be somebody else for half an hour, who would it be? Me, or a cash collector? The story says that an employee checked the bogus courier's ID card. But how? I really doubt that the bank employee took off the courier's ID card and put the ID card into a machine and had the courier put his eyes up to an iris scanner to match his iris to the card and then went online to have the card credentials verified by the courier company and bank servers. I'm sure the story means that the employee glanced at the ID card and it seemed about right.

Continue reading "Identity thieves" »

An unhealthy interest in databases

By Dave Birch posted Feb 27 2008 at 8:42 PM

[Dave Birch] The National Health Service's vast Connecting for Health programme has within it a fascinating identity management case study. In order to ensure the security of the system -- which naturally includes sensitive medical records -- the NHS decided to issue smart cards to all staff. Unfortunately, a recent assessment found

...serious weaknesses in controls over access to patient data, with more than 4,000 NHS smartcards already missing and one in 10 trusts admitting they had no idea how many cards had been lost or stolen.

[From Pulse - The GP's website - MPs told of new patient record breaches]

Many years ago, at a meeting of the Parliamentary IT Committee (PITCOM), I asked the then head of the programme, former management consultant Richard Granger, how security would be maintained in a system with more than a million users and I was told (rather abruptly, as I recall) that I shouldn't worry about it because top security boffins had taken care of it, and that a smart card would be required to access everything, and an audit trail would be kept and so forth. Well,

The national rollout of the Summary Care Record is to take place this year and speaking during a debate over the committee’s inquiry into the rollout, Labour MP Keith Barron revealed examples where NHS workers breaching security controls had gone unpunished. Admitting he had previously believed the BMA to be scaremongering over the issue, he described one case in which no action was taken by a PCT after an employee gained access to identifiable patient information by persuading a district nurse to disclose her username and password.

[From Pulse - The GP's website - MPs told of new patient record breaches]

Wait a moment! What happened to the smart card that would be required to access identifiable patient information? The system started off by requiring an unrealistic level of security, millions of pounds were spent trying to build it, and then they went back to usernames and passwords? This does not bode well for other giant databases full of personal information that will be kept secure (through mechanisms as yet unknown to science) despite having hundreds of thousands of users.

Continue reading "An unhealthy interest in databases" »

Just how much is your data worth (reprise)

By Dave Birch posted Feb 25 2008 at 11:59 AM

[Dave Birch] I've uncovered some more fascinating data points in my quest to establish the value of personal data, in different circumstances, to feed into some of our risk analysis work for clients in both the private and the public sectors.

HM Revenue & Customs paid £100,000 for data that it is using to launch investigations of up to 100 British citizens who have accounts at Liechtenstein’s biggest bank... The bank informant has already provoked a storm in Germany by selling data on 750 wealthy Germans’ accounts to the country’s intelligence service for £3.2m in January last year.

[From Tax authorities pay for Britons' bank details - Times Online]

Bearing in mind the errors in my calculations last time, this time I was careful to double check. My conclusion is that details of your bank account are worth £1,000 to the tax authorities in the U.K. but £4,000 to the tax authorities in Germany. I'm not sure what to conclude from this: either Germans evade more tax, HMRC overpays for information (whether from criminals or management consultants) or the story has been made up by journalists, but nevertheless it gives another useful data point for the collection. Criminals will pay £10 for your bank account details, governments £1,000.

Continue reading "Just how much is your data worth (reprise)" »

Biometrics forge ahead

By Dave Birch posted Feb 21 2008 at 10:08 AM

[Dave Birch] I've said before that the introduction of biometrics into the mass market is more about convenience than security, but it seems as if the current U.K. approach is more about inconvenience (not that that's necessarily bad)...

Members of industry body UKinbound say they are continuing to report "severe" drops in demand from travel to Britain from China, India and Russia in particular due to the time and cost of travel to visa centres. Reporting a 2.5% decline in overseas arrivals in December, the organisation said long haul travel to the UK was worst affected, with the new method of visa data collection introduced from last October being of "particular concern".

[From Biometric entry visas hitting tourism to UK-18 February, 2008]

Now, like any other stout English yeoman, I don't really care about foreigners being inconvenienced, but I do care about U.K. plc, which is why the connection between the introduction of biometrics and the fall in visitors caught my eye. What's worse, though, is that the government's approach appears to be to inconvenience stout English yeomen as well. I'm not the only person that has noticed that the biometric iris-scanning system at U.K. airports doesn't seem to work as well as might have been imagined when the plans were being forged in the white heat of new technology:

There were about 40 people waiting to show passports and three people in the iris queue. I was iris-enabled and my colleague was not, so we decided to see who got through faster. No contest - I had not even got into the iris machine before he was waiting on the other side. Iris recognition is a clever idea, but the execution is hopeless.

[From Heathrow iris-scan queues are slower - Times Online]

I lack commitment, so I gave up using the system after it refused to let me into the country (perhaps it can read blog feeds) and therefore I can't say whether it's got better or worse over the last few months, but my guess would be worse because the poor performance might well be related to the size of the database as well as poor implementation.

Continue reading "Biometrics forge ahead" »

Bringing privacy into the equation

By Dave Birch posted Feb 18 2008 at 4:38 PM

[Dave Birch] The equation, in this case, being sum(security+privacy)=rand(). Now, while you might argue that it is at least possible that there is some more complicated mathematical expression that may relate the two in some way, I think I'm coming round to the opinion that we should treat security and privacy as entirely uncorrelated from the point of view of system specification and design. Apart from anything else, it's why I think we should decouple the concept of the national identity register (which is about security) from the concept of the national identity card (which ought to be, but isn't, about privacy). It's also the reason why any statement (in particular, government statements) about giving up some privacy in order to obtain security seems so empty and why technology could deliver so much more than many people imagine.

Continue reading "Bringing privacy into the equation" »

Still practising

By Dave Birch posted Feb 15 2008 at 9:13 AM

[Dave Birch] I went to a European Commission "epractice" seminar to share best practice about electronic identity -- and in particular the interoperability thereof -- in Europe. Consult Hyperion have been doing a lot of work in this area -- we were commissioned by the EU to study identity interoperability last year -- and so I thought it would be very useful to come along and exchange ideas. It was gratifying to discover that the conclusion of our work for the Commission was congruent with the findings of all of the other studies for the Commission: not only is there no interoperability whatsoever at a European level, there's precious little of it at the local level either (i.e., you can't use your HMRC login to log on to DVLA and so on). There were some studies that have gone down another level, and they discovered that one of the reasons for the lack of interoperability is that none of the European identity schemes are using a standard-based approach (with the exception of SAML that is being used in a small number of schemes).

It was quite well-attended (there must have been more than 40 people there) and while there were a few familiar faces, I enjoyed the opportunity to listen to some new (to me) perspectives. One of the points made at the beginning was, I think, key not only at the international level but at the national level too. It was that the focus should be on interoperability rather than harmonisation. There is no need for everyone to use the same identity management scheme, identity cards, identifiers and all the rest of it. Hence one of the ways forward is to imagine a set of technology-neutral national gateways and interconnect through those gateways.

In the afternoon I went into the breakout to discuss mobile e-identity, which I'm becoming increasingly enthusiastic about. The reasoning is that in order to make some form of electronic identity useful to citizens, it has to do some interesting things. But a card can't do any interesting things, whereas mobile phones can and -- and I think this is central to the discussion looking forward two or three years -- what's the point in issuing another smart card when the entire population has a mobile phone already?

Continue reading "Still practising" »

Of course, the camera adds 110lbs

By Dave Birch posted Feb 11 2008 at 2:07 PM

Unbelievable but true: I've been to London Fashion Week. And to prove it, here's a video I took at the actual fashion show...

Continue reading "Of course, the camera adds 110lbs" »

The role of identity cards

By Dave Birch posted Feb 8 2008 at 12:44 PM

[Dave Birch] Writing in a recent Spectator, Hugo Rifkind of The Times explains just how shocked he was when what we used to quaintly refer to as e-government actually worked. In this case, he was applying for a replacement driving licence online...

I didn’t need to register, as I had apparently done so already, by creating something called a Government Gateway account when filing my tax return. I didn’t need to send them a photograph, as they still had my old one on file. I didn’t need to prove my address, as they had the electoral roll. I didn’t need to send them proof of identity, as they could look up my passport, just from the number. Seriously. Twenty minutes.

[From Shared Opinions | The Spectator]

He mentions this to support the idea that there's no point being against an identity card because, in essence, we already have one. But this is wrong: this is an argument in favour of an effective national identity register (which I am in favour of too) not an argument in favour of an effective national identity card which, had it existed and been designed properly, would have been used to authenticate Mr. Rifkind in this transaction. His experience illustrates precisely why the government should focus on the issuing of national identity numbers and not on storing data -- any data -- in the register. Adding a national identity number to the DVLA database makes sense: adding the DVLA number to the register doesn't deliver anything beyond what is already in place and makes the system potentially more vulnerable. What should happen is this: Mr. Rifkind logs in to the government gateway -- initially using usernames and passwords but using 2FA once the cards have been rolled out in the future -- and from then on seamlessly moves around government departments and gets stuff done using standard federated identity products. No spending half an hour searching for the piece of paper that you haven't seen since last year that has your government gateway log in details on it, as I did when sorting out my tax last month (unluckily just before the whole system crashed).

Continue reading "The role of identity cards" »

Identity and incentives

By Dave Birch posted Feb 5 2008 at 9:56 PM

[Dave Birch] Now, I don't want to blow my own trumpet (well, not strictly true I suppose) but it's only taken me five minutes to come up with a better idea of an incentive for identity card use in the U.K. than any I've heard so far from the government's management consultants. Does anyone remember the story of Geldkarte in Germany? It was a barely-used electronic purse added to German bank cards some years ago. It was moribund until the big bankers came up with an excellent (and I use the word deliberately) wheeze. They persuaded the German government to pass a law requiring the use of bank cards (that could verify age) to buy cigarettes. Naturally, Geldkarte complied with the relevant standards, and away they went. Now I notice that Japan is going down a similar route:

The Tobacco Institute of Japan has started accepting applications for taspo age-verification cards to be used at cigarette-vending machines starting in March... To obtain the card, an application form with a mugshot and a copy of a document that shows the applicant's age, such as a driver's license, must be mailed to the institute... From July, all 520,000 cigarette-vending machines in the nation will require the card, which also can be used as an electronic money card to buy cigarettes from vending machines.

[From Smart card for cigarette machines introduced : Business : DAILY YOMIURI ONLINE (The Daily Yomiuri)]

Now there's an idea. You could bring in a quarter of the population at a stroke (bad choice of language, I know) and build from there.

Continue reading "Identity and incentives" »

Another thing invented by lawyers

By Dave Birch posted Feb 4 2008 at 10:05 AM

[Dave Birch] Over at SecureID News, Daniel Butler was asking whether digital identity can curb spam. Apart from reminding me that the first ever Internet e-mail spam came from a couple of lawyers in Phoenix -- who in April 1994 hired a programmer to post a message advertising their services around the U.S. green card lottery to thousands of newsgroups -- it also made me reflect yet again on why nothing is happening. The most obvious way forward would be to use encryption and signing: since both S/MIME and SSLv3 were standardised many years ago (in fact it's difficult to buy a mail package or web server that doesn't have them) it's a puzzle that we don't use them. Requiring all e-mail to be digitally-signed, and instructing mail servers to throw away any mail that didn't have a valid signature, would be an obvious way to stop spam from reaching inboxes, because it raises the cost of sending a spam e-mail from zero to very little: but that's enough.

Continue reading "Another thing invented by lawyers" »