Central identity database increases risk of "huge" data breach
By Andy McCue
Published: 18 October 2005 16:00 GMT
Microsoft has warned the UK government's national ID card plans pose a huge security risk that could actually increase the likelihood of confidential personal information falling into the hands of hackers and criminals.
A top security and identity management expert at Microsoft said the current technology proposals are flawed and criticised other IT suppliers for failing to speak out publicly about their concerns for fear of damaging any future bids for a piece of the lucrative ID cards contract.
Jerry Fishenden, national technology officer at Microsoft UK, told silicon.com the current plans for a central national identity register could lead to "huge potential breaches" and leakage of personal information.
He said: "I have concerns with the current architecture and the way it looks at aggregating so much personal information and biometrics in a single place. There are better ways of doing this. Even the biometrics industry says it is better to have biometrics stored locally."
Fishenden said no systems are ever completely secure and warned that putting vast amounts of personal data and biometric information such as iris, fingerprint and facial scans in one central database would prove too tempting a target for hackers and other criminals.
Microsoft has expressed its concerns directly to the Home Office ID cards team but Fishenden said other suppliers are keeping quiet about their fears over the viability of the current proposals because they want a piece of what would be a multi-billion pound project.
"Every supplier I talk to privately expresses their concerns," he said. "They seem happy to express their reservations to each other. But I don't think we have been as vocal as we should have been on this debate."
Microsoft's comments come as MPs are due to vote on a third reading for the Identity Cards Bill and just a day after Home Office minister Tony McNulty admitted to problems with the proposed biometric technology recognising some people, such as those with brown eyes.
His statement followed a report in the Independent on Sunday warning that one in 1,000 people could be incorrectly identified by the biometric systems because of difficulties in identifying those such as manual labourers who wear down their fingerprints.
I have to agree with Microsoft this time (arrrr......
R. Bencheikh
Thanks goodness a corporation with some clout has ...
Ed Carroll
When me, or my company, start taking security advi...
Anonymous
too little too late
the fifteen or so people wh...
Karen Challinor
...and particularly if it is a Microsoft platform?...
Geoffrey Darnton
The successful candidate will demonstrate experience with Credit Cards and Loans. Business analyst, Swindon, 3 months We are preferred, trusted ...
An Oracle Identity Manager is required for an end user client based in The South East. I am currently looking for a Oracle SSO specialist with High ...
With a Solid name and green fields project on the cards, this is not one to be missed. You will be directly involved with hands on development and ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Nick Heath
Let's shine a light into the public sector IT money pit
With £16bn being spent, why is productivity still falling?
Tim Ferguson
BBC is taking tech seriously, so give it a break!
Auntie is the envy of the world but doesn't get the credit it deserves at home...
Peter Cochrane
Peter Cochrane's Blog: Open info for all?
Government stonewalling citizens
Nick Heath
Home Office CIO on taming tech and why ID cards are good news
Interview: Annette Vernon, Home Office CIO
Nick Heath
NHS records, Google and Microsoft: Where do you want your data?
Politicians: Heal thyself
Alan Hunt
NHS network: Time to get secure
Patient data in need of a check up