National identity register could be an expensive flop, warns BCS

Concerns about the biometric technology, data management and costs associated with the government's proposed national identity...

Concerns about the biometric technology, data management and costs associated with the government's proposed national identity card scheme have been raised by the BCS.

The society told the Commons Home Affairs Committee inquiry into ID cards that it was sceptical about whether biometrics could prevent identity fraud and warned of the possibility of duplicated biometric information.

"Iris and fingerprint scans are not necessarily unique for each individual, with almost 100 cases of naturally duplicated identifiers existing in the UK," said BCS external relations director Mike Rodd.

This duplicated personal biometric data raised another technological issue for a national ID card scheme, explained Rodd. "The time taken to check databases of the size contemplated for incidences of duplicated data must be evaluated. If these checks cannot be implemented immediately, it is unlikely the identity cards proposed will have a long-term impact on the incidence of identity fraud."

Other concerns about the reliability of biometrics, and the likelihood that determined criminals would soon find ways to beat them, have been raised by fraud experts and by the Association for Payment Clearing Services, which represents banks and building societies.

The BCS also has concerns over data management issues. Creating the proposed national identity register to support the identity card scheme would be "a vast undertaking", it said. It would be time-consuming, costly and a considerable technological and project management challenge, the society said.

"The smooth running of the ID card scheme will rely on the accuracy of the data recorded in the national identity register," the society told the Commons inquiry.

"It is not yet known what information will be held, although it has been suggested that information such as passport number and national insurance details will be included.

"The BCS suggests that a comprehensive list of data to be held in the register should be agreed before any costly data collection exercise starts, to prevent cost overruns.

"Questions concerning the management of the data remain unanswered: for example, how will the personal information about each individual be checked, and how will such processes prevent fraudulent applications being made?"

The government has already been warned - by information commissioner Richard Thomas - that the accuracy of the 67.5 million records in the national register database would be "fundamental". He said last year that the accuracy would have to reach "at least the gold standard" of the UK Passport Service.

As a first step towards a biometric identity card, the UK Passport Service is launching a trial of facial, iris and fingerprint recording and recognition this month, with 10,000 volunteers. The aim is to determine which technology is least invasive, how the methods work on a large scale, whether people will accept them, and what the practical problems of running a biometric database are.

Read more on IT risk management