Wednesday, November 12, 2003

I heard the UK home secretary, David Blunkett, speaking about ID cards on BBC Radio 4 yesterday morning. He said biometric ID cards made identity theft "impossible." This is false.

Biometrics can be an authentication mechanism - something I have that demonstrates I am who I say am e.g. a fingerprint, iris scan or my dna. Biometrics won't be forgotten (which gives them an advantage over passwords) but they can be lost - that iris scan or fingerprint is no good if the eye or finger gets badly damaged in an accident.

Somebody should also tell Mr Blunkett, that although biometrics may be unique they are not secret. We leave fingerprints and bits of dead skin all over the place for example. What he also seems to forget is the database containing all the details of this biometric information need to be secure and accurate. If somebody steals your biometric e.g a fingerprint from a coffee mug or by copying or changing the database with the biometric details...

Just don't be kidded into thinking identity theft is "impossible" with biometric systems.

No comments: