ID cards will lead to 'massive fraud'

Key points

• Microsoft warned the scheme could generate a massive amount of ID fraud

• May be a Commons rebellion over whether the bill should get a 3rd reading

• It is proposed the ID cards will carry 13 personal identifiers, such as iris scans and finger prints

Key quote

"Unlike other forms of information, such as credit card details, if core biometric details such as your fingerprints are compromised, it is not going to be possible to provide you with new ones," - Mr Fishenden, national technology officer for Microsoft

Story in full THE government's case for identity cards has been dealt a serious blow on the day of a crucial Commons vote after the software giant Microsoft warned that the proposals could generate "massive identity fraud" on a scale as yet unseen.

In an article for The Scotsman today, Jerry Fishenden, the national technology officer for Microsoft, says the proposal to place "biometrics" - or personal identifiers such as fingerprints - on a central database could perpetuate the "very problem the system was intended to prevent". He says ministers "should not be building systems that allow hackers to mine information so easily".

The timing of the warning could not have been worse for the government; ministers have been arm-twisting behind the scenes to stave off a Commons rebellion tonight over whether the bill should get a third reading.

Many Labour MPs have concerns about the scheme and some have vowed to side with the Liberal Democrats and Conservatives in opposing identity cards. The bill is expected to scrape through today, but the House of Lords is set to give it a tougher time.

Mr Fishenden says that, as no computer system is ever 100 per cent secure, "putting a comprehensive set of personal data in one place produces a honeypot effect - a highly attractive and richly rewarding target for criminals".

Ministers propose putting 13 personal identifiers, such as iris scans, fingerprints and facial imprints, on to a central database, along with personal details such as names and addresses. But the technology expert warns that holding these details in one place "is something that no technologist would ever recommend" and could leave individuals helpless if their details were compromised.

"Unlike other forms of information, such as credit card details, if core biometric details such as your fingerprints are compromised, it is not going to be possible to provide you with new ones," Mr Fishenden says. Using the same "identifiers" every time the ID card is presented is a "highly risky technical design" and could inadvertently broadcast personal information to fraudsters or private companies. Having to produce this much information for every service is "unnecessary" as systems could be designed to ensure that only the relevant data is revealed each time.

"Would you be happy if online auction sites, casinos or car rental company employees are given the same identity information that provides you with access to your medical records?" Mr Fishenden writes.

The fact that Microsoft - which has bid as part of various consortia for numerous government contracts - has outlined its concerns about the security risks will alarm ministers.

Opposition politicians last night branded the scheme "farcical" after Tony McNulty, the Home Office minister in charge of ID cards, conceded that people might be identified inaccurately by the biometric checks.

Internal documents at the Home Office highlighting the failures of the biometric technology - including the revelation that those who are bald or have brown eyes might have trouble being identified - have further emboldened rebels.

An earlier trial involving 10,000 volunteers showed ethnic minorities, the elderly and disabled were at risk of being wrongly identified. Studies have found being scanned in shadow could also lead to an inaccurate identification.

More "defects" were uncovered in the proposals every week, said Edward Garnier, the Tory home affairs spokesman and chairman of the public accounts committee. "The sooner Gordon Brown pulls the plug on this scheme, the better," he said, branding identity cards an "expensive waste of money".

Conservatives are not expected to deploy the full force of their whips to force their MPs to oppose the bill, however, as the vote clashes with the first-round poll in the Tory leadership race.

Mark Oaten, the Lib Dem home affairs spokesman, said: "The ID card bill is rapidly descending into farce, but the costs are still rising."

The Lib Dems will today attempt to have the bill returned to a Commons select committee, arguing MPs have not been given enough assurances or information about the cost and technology involved.

The Scottish National Party was also last night seeking cross-party support for an amendment to the bill to prevent the government from issuing ID cards without a further resolution from parliament.

The party said this would give MPs the opportunity to make a final judgment on the cost of the cards and on the accuracy and effectiveness of the technology.

Stewart Hosie, the SNP's home affairs spokesman, said if the system descended into "chaos", leaving families facing an "ID tax" of hundreds of pounds, "then there must be a mechanism in place for MPs to block a costly or defective scheme".

A Home Office spokesman said: "Biometric technology is being introduced all over the world - for example, to holiday in the US, UK citizens will need a biometric passport. We are taking action now to prepare for the challenges of the 21st century - on crime, security, the speed and nature of communication and international travel and everyday transactions.

"By using biometric data, linked to a national database, we can provide a modern, secure means of confirming identity, helping us to crack down on identity fraud, immigration abuse, illegal working and organised crime."

The government plans to start phasing in the ID card scheme - which is expected to cost at least 5.8 billion - from 2008. Last week, Charles Clarke, the Home Secretary, attempted to alleviate Labour MPs' fears by suggesting a "budget" identity card that would cost 30 but would not encompass a passport.

Soaring crime

IDENTITY fraud has rocketed to almost seven times the level of six years ago, a new study has found.

The UK's fraud prevention service, Cifas, estimates there will have been 135,000 reported incidents by the end of 2005 - from just 20,000 in 1999.

The crime is thought to cost the UK at least 1.3 billion a year. A recent study found three-quarters of household waste contained sensitive material, such as bank statements.

The warnings come at the start of National Identity Fraud Prevention Week.