BNET UK
silicon.com
ZDNet UK

Home
News
Blogs
Reviews
Videos
Jobs
Resources
Community

Leader
Comment
White Papers
Downloads
Special Reports

Hardware
Software
Communications
Internet
Security
IT Management
Emerging Tech
Leader

Group Blogs
News Blog
Post Room
Rupert's Diary

Hardware Reviews
Software Reviews
Editors' Choice
Buyer's Guides
Tech Guides
Competitions

Dialogue Box
Security threats
Server platforms
Mobile devices
Application development
Full video index

Articles
White Papers
Downloads
Companies
Broadband Speed Test

People
Competitions
Post Room
FAQ

You are here: ZDNet UK > News > Security

Security management Toolkit

ID scheme undermined by poor-quality fingerprints

Tags:
Fingerprints,
Biometrics,
ID Cards

Tom Espiner ZDNet.co.uk

Published: 11 Jul 2008 16:39 BST

The National Identity Scheme could be undermined by the quality of fingerprints from people aged 75 and over, according to an official report.

The Biometrics Assurance Group (BAG), a group of independent experts which reviews biometrics implementation across government, brought out an annual report at the end of June. The report was extremely critical of many aspects of the government's biometrics plans, especially those around the National Identity Scheme (NIS).

As part of the NIS, the government intends to enter the personal details, including fingerprints, of every person in the UK, into a National Identity Register. The register is supposed to provide a 'gold standard' for identity authentication.

However, the BAG report said the government had failed to adequately address how to handle biometrics 'exceptions' to the scheme, including four million people in the UK population aged 75 or over, whose fingerprints may not be of sufficient quality to act as identifiers.

"BAG was particularly concerned with the plans for exception handling, noting that it would be a large part of the NIS (for example, more than four million people are over the age of 75 in the UK, a group for which it is hard to obtain good quality fingerprints)," stated the report. "Exception handling has a large impact not only on the technical elements of the scheme but on business processes, schedules and costs."

The Home Office denied that fingerprint quality for this age group would be unusable, however.

"We anticipate the situation where fingerprint image quality is so poor that it is unusable to be extremely rare. Even in the 75-plus age group, print quality is normally perfectly usable," stated a Home Office spokesperson. "On the very rare occasions when a fingerprint image falls below the quality required for automated matching, it is passed to a fingerprint expert who carries out the encoding manually, so it can be used by the automated system and stored on the database. The fingerprint expert can also manually compare two fingerprints to provide confirmation of identity."

The BAG was also concerned that alternative forms of authentication, including iris recognition, had not been mandated by the Identity and Passport Service (IPS). However, the IPS said that, while there was no obligation for suppliers to provide iris-recognition capabilities, suppliers had an obligation to provide systems that could be made capable of capturing biometrics other than fingerprints.

VIDEO

Dialogue Box 7.4: The expanding digital universe

How much data will be created and stored in 50 years' time? Rupert and Charles make some extrapolations and come to a startling conclusion

View full video

Another area of concern for BAG was the lack of a co-ordinated approach to fingerprint-reader procurement, which it said could result in "confusion". IPS replied that it implemented minimum standards around image data and quality, but would not mandate hardware standards.

The report outlined more concerns, including the lack of an international standard for facial search and recognition technology. It also said issues of privacy, use of data and consent for data use had not been made explicit. Governance structures for biometric data were also not well defined, according to BAG.

Regarding enrolment tests carried out by IPS, BAG was concerned that tests for enrolling people with "challenging biometrics" had not included the elderly, nor had it included mute, non-English speaking, blind or visually impaired people.

The group also emphasised that the public needed to be made explicitly aware of routes of redress and compensation for misuse of biometrics "because it is impossible to fully reassure [people] that the government can be trusted with their information".

The UK e-borders programme, a border control and security framework, also came in for criticism. BAG was concerned that innocent travellers whose names were the same as those on 'alert lists' of possible terrorists and criminals would be continually stopped by border control. IPS conceded this might happen, but claimed this would not be "a common occurrence".

Did you find this article useful?
8 out of 9 people found this useful

Share this article:
Digg
Slashdot
Del.ici.ous
Stumble
Reddit

In association with Network Liberation Movement

Company/Topic Alerts

Create a new alert from the list below:

ID cards
Fingerprints

Biometrics

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video

Install Flash Player plugin

Find out more: Microsoft exec outlines...

All videos
Most popular videos
Latest videos

Featured Talkback

It seems to me this is a burden being placed on the wrong shoulders. There is not an It system in the world that can stop an individual taking information in their heads and spewing out at the nearest undesirable third party.