By Nick Heath, 30 January 2009 16:32
NEWS
While the Home Office is hoping ID cards will one day be used for everything from claiming benefits to opening bank accounts, the UK financial services industry has its doubts over how useful the cards will prove.
The UK payments association Apacs - whose members includes the UK's major high street banks - is worried that security features that would have made the card useful for checking identity in large money transfers and online transactions have been stripped from the scheme.
Head of security for Apacs Colin Whittaker told a conference hosted by the BCS Security Forum yesterday: "Some of the features we were expecting in the ID card are not going to be present for the foreseeable future.
silicon.com Financial Services
Get the latest financial services news straight to your inbox. Sign up for the FS newsletter today!
"There's nothing in the middle tech range which is where a lot of the user case scenarios - particularly in the financial sector - are going to give more value. For example, doing a high-value cash withdrawal, a counter-based withdrawal, where a financial institution asks you to put the ID card in a reader, checks it's a valid card and takes a pin number.
"The online capabilities that we were hoping were going to be present are unlikely to be there for the foreseeable future."
According to the Home Office, it is important not to overcomplicate the card with too many features.
Speaking at the same event, identity minister Meg Hillier said: "If you try and lay too much on something then you risk overwhelming it and making it too complex.
"You risk the core and the core is that we have an ID register that is safe and links an individual to their ID."
Apacs' Whittaker questioned whether the ID scheme's expense will outweigh its usefulness.
"I have some grave concerns as to whether we are going to get the services we want at a cost that is going to be meaningful," he said.
Barclaycard too has reservations over where the cards can be used in financial services.
Richard Mould, head of card innovation at Barclaycard, told the conference: "We are a commercial sector. I need to think 'is there a product, a service that I can charge for and that my customers want?'. I have not witnessed any yet."
Mould said Barclays is happy with the PINsentry card reader that it uses to secure its own online transactions and currently sees no reason to switch to using ID cards.
Apacs meanwhile would like a "simple" and "elegant" electronic way to prove the authenticity of the ID card using cryptography, similar to that used in existing credit and debit cards. It also wants some form of PIN-based verification to be useable with the cards, Whittaker said.
Comments
There are 5 comments. Join the discussion
1. Roger
Banks will reduce all types of fraud crimes only if they make signature and PIN systems reliable
This system will eliminate the need for us to protect our personal and card details to deter fraud.
It is strange why banks are not willing to consider proposed system when it is so obvious that current systems are failing to deter fraudsters.
2. Adrian Tawse
This shows even more clearly that the prime purpose of the ID card is not so as to be useful to the citizen but as a state surveillance measure. All this guff about "useful opening bank accounts" is so much-eye wash. If you believe that this and every future Government is totally benign, has your best welfare in mind, and are content for the Government to monitor and guide your every step then fine. Personally, I gave up childish things when I grew up.
3. Guy Herbert (General Secretary, NO2ID)
The Home Office has never indicated it wants to assist secure local authentication of transactions. Banks (like so many others) have been fantasising that the ID scheme is what *they* think it would be a good idea to use an ID card for.
In fact local authentication is anathema to the Home Office scheme, which is hard wired in statute to run a central register, and has always been about putting the Home Office in control of the population, making it the master department as gatekeeper of all identity-based transactions for the public sector. It just wants banks to get on and help impose the scheme by encouraging more production of ID.
4. Karen Challinor
so the ID card has been pared down in every arena except the cost to the holder and personal data requirements that the holder has to surrender
essentially it is now a flash card that is of no commercial use and little personal use beyond being an expensive way to scrape ice off a windscreen
there is no infrastructure of card readers, there is no secure database to check the card against, there is no way for a commercial organisation to verify the card is genuine
and the government will still get a record of your life history and will need to provide whole new departments to process the data, which of course will be funded from taxes and require a suitably remunerated minister to control
so the only people the scheme is still of use to is the government, who are busily rushing a bill through parliament (Coroners and Justice Bill, Section 8) that will let them bypass any act including the Data Protection Act 2006 and let them put your personal data to any use they see fit, with no safeguard other than the good intentions of the minister signing the data sharing order
oh and the £30 cost per card will doubtless fund some quango that will notionally oversee this process
the card and the associated NIR is and always was a waste of resources and should be scrapped before too much more is wasted
5. GALLEY SLAVE
Strangely, I can't find a use for an I.D card either! And I'am happy to know that I'm not alone.
But our government will blunder on regardless, I guess.