Exclusive: ID cards are here – but police can’t read them

By | February 6, 2009

The first UK ID cards have already been issued – but no UK police officers or border guards have any way of reading the data stored on them.

Currently no police stations, border entry points or job centres have readers for the card’s biometric chip, the Identity and Passport Service (IPS) revealed in response to an FoI (Freedom of Information) request by silicon.com about the £4.7bn identity cards scheme. … The cards themselves carry biographical data, as well as facial and fingerprint scans. While some details about the holder as well as their photo is printed on the face of the card, the cardholder’s fingerprints can only be accessed by reading the chip.

With no readers in place, police and immigration officers are currently still relying on traditional methods of checking ID cardholders’ identity, running a fresh set of prints against existing identity databases … Identity minister Meg Hillier told silicon.com last week that the chip is a “vital part” of the ID card scheme because the “fingerprint coded into the chip … links you to the card”. The broken nature of that link has already prompted criticism by the government’s political rivals. Shadow home secretary Chris Grayling said: “Once again ministers have shown that the ID card project is absolutely farcical. What is the point of spending billions of pounds on cards that can’t be read in the UK?”

via Exclusive: ID cards are here – but police can’t read them – Public Sector – Breaking Business and Technology News at silicon.com.

Can someone just record the signals and clone the passport? They say no:

The IPS chips are designed to operate at a distance of just a few centimetres from the reader. The new British biometric passport is protected with a key that can only be obtained by manually or optically reading the bio data page (the page with the passport holder’s details on). Also, once that key is obtained and communication established between the reader and the biometric passport, all messages are electronic with a unique key for each and every session thus thwarting any would be eavesdroppers. – ips

Thwarting, is it? Perhaps. But this censored article, so brilliantly blocked for anyone not in the UK, disagrees. From Google cache and here:

http://aftermathnews.files.wordpress.com/2008/08/passport-cloning.jpgNew microchipped passports designed to protect against identity theft by terrorists and criminals can easily be faked, it was claimed today.  Tests showed that personal information could be cloned and manipulated within an hour before being inserted into new chips, the Times reported. The paper said it had exposed “security flaws” in the passport system by asking a researcher to clone the chips on two British passports and implant digital images of Osama bin Laden and a suicide bomber. The altered chips were then passed as genuine by reader software used by the UN agency that sets the standards for such e-passports. The tests showed that bogus biometrics could be inserted in fake or blank passports, the Times alleged, saying the flaws also undermined assertions that 3,000 blank passports stolen last week could not be forged.

The identity and passport service at the Home Office remained confident, however, that the British biometric passport was “one of the most secure passports available”, saying no one had been able to demonstrate they could modify or change information contained in a chip, and that if they did, it would be obvious to the reader. A spokesman added: “Continuing investment in biometric technology and enhanced security measures will help ensure that passport security is maintained now and in the future.” The tests for the Times were conducted by Jeroen van Beek, a security researcher at Amsterdam university who can read, clone and alter microchips so they are accepted by the software recommended for use at airports by the International Civil Aviation Organisation.

Van Beek could not be contacted today, but the Times said he had used his own software, a publicly available programming code, a £40 card reader and two £10 radio frequency chips. Within an hour, he had cloned and altered chips so that they were ready to be planted in stolen or fake passports.  A baby boy’s passport chip was altered to contain an image of Bin Laden, and that of a 36-year-old woman was changed to hold a picture of Hiba Darghmeh, a Palestinian suicide bomber who killed three people in 2003. The identities had been chosen deliberately to demonstrate that neither van Beek nor the Times was trying to fake viable travel documents, the newspaper said. … – scenta

Leave a Reply