Exclusive: Next-generation super ID card on the cards for 2012

Identity card could come with a raft of new features - and even a free upgrade - under government proposals...

By Nick Heath, 17 March 2010 16:44

NEWS

The government is considering introducing a new generation of ID cards for British citizens in 2012, complete with a raft of new features.

More than 7,000 ID cards have been issued to British people since the UK cards were made available in November last year, starting in Manchester before rolling out across the North West and to select groups across the UK.

ID cards

The current version of the ID card for British citizens
(Image credit: Home Office)

The proposed upgraded cards would be issued from 2012, when ID cards will be made available to everybody living in the UK.

Speaking at an event hosted by the Social Market Foundation earlier this week, Bob Carter, public key infrastructure and encryption expert for the ID cards scheme at the IPS, told silicon.com that the first generation card "is a tactical card that we have put out very quickly.

"The strategic card has a 2012 launch when all of the main things are going to happen. That's when you will find more features in the product [card]."

Existing British citizen ID cards are designed to simply verify someone's identity using a government issued card reader, a device which reads the biographic information and the digital photo and two fingerprints stored on the ID card's embedded RFID chip, and allows an official to check those details against the person presenting the card.

The proposals currently under consideration could potentially see ID cards used to perform new tasks - such as authorising online transactions using chip and PIN and verifying the holder's identity over the internet - which are not possible with existing British ID cards today.

Among the various technical improvements being looked at...

For all there is to know on ID cards, check out the A to Z of ID Cards

Comments

There are 16 comments. Join the discussion

  1. 1. karen challinor

    more than 7,000 cards issued, with an adult population of around 51,000,000 I make that around 0.01% take up since the launch, obviously money well spent then

    and this sudden rush of new features to make it look more like the cards issued by countries like belgium are not so much function creep as function sprint, the NIR is still going to be there, you'll still be on it for life and it will still monitor and allow control of your movements and expenditure

    chip and pin are basically used to transfer liability on to the card holder rather than the issuer, and in the case of the ID card it makes you less secure as anyone who shoulder surfs your PIN and then pickpockets your card becomes you for all intents and purposes

    it's not even a solution looking for a problem and tarting it up with new extra features while retaining all the bad features won't make it one

  2. 2. Cheeseburger

    @karen challinor
    Fascinating. Take up of any new product is surely dependent on the number of opportunities to buy and the brand's capacity to supply the market. Both of which I suspect are very limited at the moment, but if the programme continues that is likely to change. I wonder if you will still be saying this when there are a million cards or ten million cards around? And anyway, what are you comparing take up rates with precisely? This is a new product as far as I can see and it has no competetor products - it's the only UK national ID card around. Perhaps you mean to compare it with the ID card for foreign nationals? Not very valid as that one is compulsory and so has a captive market. What else is there to compare it with?

    And your point on the National Identity Register. Ask yourself this: when was the passport register ever voluntary, hmmm? And do you think it tracks you everywhere too, and monitors your movements and expenditure? Of course not. But the only difference between the two databases is the ID card one has your fingerprints and national insurance number on it and the passport one doesn't.

  3. 3. MossEsq

    It is repeatedly and correctly asserted in this article that credit and debit cards already have EMV chips in them. It follows that we don't need the Identity & Passport Service's ID cards. Their ID cards add nothing.

    We don't need these ID cards and neither do the banks. And the banks don't need the National Identity Register. Again, they've already got their own, in the form of their accountholder databases.

    IPS are trying to insert themselves into the nation's payment systems. If they succeed, how long before we revert to barter? Two weeks? One?

  4. 4. MossEsq

    The credit card companies tried to add end-to-end PKI to their operations and failed*. It's difficult. One problem was that the banks would have ended up in the position of software houses, issuing digital certificates and providing support. That is not their business. It wasn't then and it still isn't. Does Mr Carter have the solution that evaded the combined might of the credit card companies?

  5. 5. MossEsq

    EMV. PKI. These seem like new facilities to be considered in the context of ID cards. At least, they do to the Home Office.

    But they're old hat to anyone who remembers OSCIE -- the open smart card infrastructure for Europe [1].

    OSCIE is the European Commission's specification for ID cards. Take a look at the white paper on electronic identity [2], in particular, start at p.7. It's all there. And has been for seven years. The OSCIE specification was finished in 2003.

    What have IPS and their predecessors been doing for seven years? And what do their consultants do for their money?

  6. 6. mjmuk

    More money on something that no one really wants. yes it would be good to have one card for all of the above extra reasons. But fear of the 'big brother' state will still stop people taking these up.

    Perhaps the date of 2012 is interesting in that I would not be surprised that if Labour wins the election, we all have to produce one of these 'new' ID cards to buy tickets to and gain entry to the 2012 Olympics, Now there's a coincidence!!

  7. 7. non_sum

    Why are we paying for banks to enhance their credit card security? Have we not put enough money into them already?

    Vote for the Conservatives at the next elections and we may get rid of this pernicious civil servants' job creation scheme.

  8. 8. HilaryBrown

    Oh for heaven's sake! When are these people going to realise that the very best way of saving money and cutting budgets is to scrap this ludicrous project. No one wants it and the Universities seeing their budgets slashed (remember Education, Education, Education) could think of far better things to do with OUR scarce resources than waste it on such folly.

  9. 9. Foskett

    I had always understood that the underlying basis of the PIN was to enable the banks to hold up their hands in innocence and explain that it was not their fault that soneone had used the PIN. Can this really be the secure ID route?

  10. 10. Galleyslave

    So Westminster still can't get its head round the fact that we the people don't want these damn cards
    Chip & pin is not at all secure as card readers can be obtained in almost any computer shop or can be made by some lowlife.
    Do we really have to vote tory or liberal for this bull ****
    to disappear. I hope not! But if thats what it takes....
    SO BE IT!

  11. 11. Radical Meldrew

    There is something insidious about this latest manoeuvre by the government. The Conservatives have pledged to scrap ID cards if they get in so this latest ploy is to counter this is to make the cards indispensable for accessing services in the future.
    This is a back door route to ensure the present government get their way in spite of overwhelming public opposition is a shining example of how they are attempting to ignore the basic democratic process yet again!

  12. 12. karen challinor

    they are just spinning misinformation and ideas in order to confuse the issue in the minds of businesses and the public

    Ms hillier idly suggest affing features X,Y & Z to the card and the result is a conversation a few months down the line when the chinese whispers have worked their magic that sounds a little like

    "hey did you know that ID cards will let you do W, X & Z ?

    no, wow they look really useful, I'd better enrol now and vote labour to ensure I get these useful features"

    people won't remember what the scheme actually does, they will misremember the new suggestions and they will think things were said that weren't

    meanwhile if labour get back in then all these suggestions will be quietly dropped as being unworkable or too expensive and we'll be back to business as usual with a central authorisation required and logged every time the card is used

  13. 13. oaksys

    It seems that Westminster are refusing to kill this white elephant. I know that elephant keepers grow attached to their charges, so perhaps the only way to finally kill this unwanted monstrosity is to change its keepers.

  14. 14. karen challinor

    @Cheeseburger

    the government have this strange idea that people want these things, so I feel perfectly justified in pointing at a 0.01% take up since launch and saying no they don't

    another strange idea that the government have is that passports are voluntary documents

    and no the passport database does not track your movements and expenditure, it was never intended to

    every time your identity is validated against the NIR or your NIR record is looked at an audit record is made, logging when, where and why

    the government want banks to pick this up thus inserting home office monitoring and possibly veto into your financial transactions and it has long been their intention to control access to public buildings with them

    so movements and expenditure

    further fingerprints and NI numbers aren't the only difference between the passport database and the NIR

    schedule 1 of the ID card act lists the following

    every name the holder is or has been known by
    date and place of birth
    gender
    every UK address the holder has ever lived in
    photo, signature, fingerprints and other biometric information
    NIR number + any ID card number foreign or domestic
    national insurance number
    any immigration document numbers
    passport number foreign or domestic
    driving license number
    any designated document numbers not previously covered
    date of every application
    date of every modification
    particulars of every person who countersigned your application

    and lots more I can't be bothered to list, just a teensy bit more than the passport database

  15. 15. J2897

    Next-generation super ID???

    PKI is just standard e-mail security. It's not exactly "Next-generation". At least, not to those who bother to use the standard e-mail system the way it's supposed to be used (securely).

  16. 16. Cheeseburger

    @karen challinor
    You say people don't want the cards. But around 10,000 people clearly do want the card given they actually have gone out of thier way to get one. Your opinion that people don't has already been contradicted by approx 10,000 other people. If I were a politician, who would I listen to I wonder?

    Your claims about the National Identity Register appear at first to be correct (but out of context) yet your conclusions are wild. The only time a check against the NIR would be made is if you were doing something significant like opening a bank account, taking out a mortgage or working somewhere sensitive like a nuclear power station. They would do this to make sure you are who you say you are, not unreasonably I think. For most people this is probably a once in a decade event. The Government is only interested in this to prevent financial fraud - a public good, and for security purposes. They aren't interested in individual tranactions and can't 'veto' them. That would be the lending organisation who would do that, say, if your NIR check revealed you weren't actually who you said you were. Again, for fairly obvious reasons. You then add some outlandish claim that ID cards will be used to control access to public buildings. Eh? An ID card to get into the jobcentre or council office? I've never seen such a suggestion. Utter rubbish. Yet you link the sensible audit checks on serious financial transactions to an outlandish claim of access to government buildings and presumably benefits and services, to make the claim that Government will somehow control or monitor the expenditure and movements of citizens. That is ridiculous.

    As for your points on the additional information contained in the NIR which isn't on the pasport database. Again, you are wrong or simply misleading. In response to your points:
    1.Same as the passport database
    2.As above
    3.As above
    4.No it doesn't just the past five years, same as the passport database
    5.Fingerprints are one of the two additional bits of information, the others are already on the passport database
    6.A number is on the record so they can find you on the database easily. Not exactly significant or scary.
    7. The NI number is the second significant extra data
    8.Not applicable to UK citizens
    9.Same as the passport database
    10.No it isn't
    11.A note that you already have a passport - since it replaces the passport database, not surprising
    12.same as passport database
    13.As above
    14.As above.
    Hmm. 2 extra bits of info.

Post your comment

In order to post a comment you need to be registered and logged in.

Log in or create your silicon.com account below

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy.

Questions about membership? Find the answers in the Membership FAQ

silicon.com wants your opinion

silicon.com wants to know what you think!

Take our survey about the Apple iPad and you could win a £50 Amazon voucher.