CHIP AND PINCH; ID card fears after biometric passport 'cracked' in 2 hours.Byline: By ALLISON MARTIN
PLANS to bring in ID cards could lead to a massive surge in identity fraud, campaigners warned yesterday.
Security experts in Holland have exposed a weakness in the technology which allows data to be "skimmed" from a prototype biometric passport
Within two hours they had access to personal information, including fingerprints, a digital photo of the passport holder and their date of birth.
The proposed British compulsory ID card will use similar technology to store biometric information about every adult in the country.
Anti-ID card group NO2ID claimed that, if not successfully rectified, the security flaws could "fuel a massive increase in identity fraud" rather than combat it.
The news comes ahead of today's release of a Home Office report, expected to announce there has been an explosion in identity theft in the UK.
And last week the Mirror reported that plans to fit radio transmitters in ID cards could lead to a "surveillance state" tracking innocent people.
Campaigners claimed the transmitters would act as a spying device, but the Government argued the "proximity chip" was only a tool to allow airport scanners to read the cards.
NO2ID said yesterday the experts from Riscure security lab in Delft Delft (dĕlft), city (1994 pop. 91,941), South Holland prov., W Netherlands. It has varied industries and is noted for its ceramics (china, tiles, and pottery) known as delftware. Founded in the 11th cent. , Holland, cracked the encryption The reversible transformation of data from the original (the plaintext) to a difficult-to-interpret format (the ciphertext) as a mechanism for protecting its confidentiality, integrity and sometimes its authenticity. Encryption uses an encryption algorithm and one or more encryption keys. on the passport using a hi-tech gadget (1) Slang for any hardware device, typically small. Synonymous with "gizmo."
(2) A mini application that resides on a computer desktop or personal home page, typically found in the Windows environment. , then decrypted it on a PC and so gained the holder's personal information.
NO2ID spokesman Phil Booth said: "Identity fraud will be made much worse by ID cards, not better. Numbering and indexing every person in the country on a huge central register, then making us use cards designed to broadcast not only this number but our personal data, including our biometrics, will be an absolute bonanza for identity thieves and fraudsters."
Jerry Fishenden, who is the national technology officer for computer giant Microsoft, added: "We should not be building systems that allow hackers to mine information so easily.
"Inappropriate technology design could provide new hi-tech ways of perpetrating massive identity fraud on a scale beyond anything we have seen before."
But a Home Office spokeswoman responded by saying: "NO2ID's statement makes several inaccurate assertions about the Government's ID cards scheme.
"It fails to mention the Dutch biometric passport was a test system still under development and that the key to cracking the system was the lack of sophistication so·phis·ti·cate
v. so·phis·ti·cat·ed, so·phis·ti·cat·ing, so·phis·ti·cates
1. To cause to become less natural, especially to make less naive and more worldly.
2. in allocating passport document numbers, which is not the case with UK passports.
"Information in the e-passport, which the UK Passport Service will start to issue later this year, will be protected using an international standard."