Whitepapers/Issues
It seems to be
the fashion these days to collect replicas. After all imitation is
the most sincere form of flattery, so they say.
Not in the ID
business it isn’t. The proliferation of websites offering fake
‘collectable’ ID cards and driving licences is worrying indeed. This
trend has been present for some time and it’s difficult to
understand why anyone would have a legitimate reason to possess a
‘replica’ ID in any form.
It’s also
difficult to understand why ‘replica’ car number plates are also on
sale over the internet - legally it seems. Users are persuaded that
it has become fashionable to display unique registration plates on
off road vehicles and as decorative items.
Of course such
registration plates can also be used on ‘cloned’ vehicles to evade
penalties for speeding through camera controlled areas. They can
also be used to avoid paying congestion charges where number plate
recognition systems compare car number plates with lists of
pre-payments. Those not on the list are fined but avoid penalties if
they are displaying a cloned number plate. At one time it was only
criminals that used false plates.
Another
worrying trend is the use of the word ‘replica’ in the designer
accessories market. Special marketing websites are spamming
potential purchasers with the invitation to buy ‘replica’ products
that look so much like the original that they even come with replica
guarantees and certificates that they are ‘replicas’. At present
it’s designer handbags and watches that are being targeted.
In none of
these instances is the word ‘counterfeit’ used. Is the use of
‘replica’ more acceptable then than fake or counterfeit?
You bet it is!
How will brand
owners respond to this threat? With a ‘replica’ writ I expect.
Jeremy Plimmer
- END -
Biometrigram®
targets digital counterfeiters
A new ‘biometric hologram’ that defies
digital counterfeits and can be produced in seconds is set to
revolutionise the way that brands are protected and security ID
cards created.
NEW BIOMETRIC HOLOGRAM PLUGS THE DIGITAL HOLE IN
SECURE ID
Ver-tec’s technology combines analogue recording with digital data
to defeat the counterfeiters
Ver-tec Security Systems have been quick to recognise the threats
and vulnerabilities in a booming digital age. They have developed a
patented production systems and machine reader verification
hardware, creating an integrated system for the security document
market.
A potential application for the future could be high value
personalised tickets for major international events such as the
Olympics or the World Cup. Biometric information and an individual
ticket reference could be incorporated into the ticket and checked
against a register of members or police records database, providing
additional security.
Other applications include track and trace brand protection and
packaging solutions.
- END -
ID card developments in
China
The growth
rate of smart cards in the Asia-Pacific market has consistently
outstripped European markets during the last 3 years, especially in
China. The annual growth rate there has reached between 30-40% for
the last three years and it is now becoming one of the fastest
expanding countries in smart card development. However recent
developments using smart card technology for China’s second
generation national ID cards has started to cause a few headaches
for Government officials.
More than one
million citizens in Beijing, China's capital, are now being told
they may encounter a "no identification" situation as their
first-generation ID cards are set to expire and a second-generation
card has yet to be applied for. The Beijing Municipal Public
Security Bureau, which is in charge of distributing the
second-generation ID cards in the city, has decided to introduce a
series of measures to help achieve smooth and efficient card
exchange transactions for these people, but there remains
considerable uncertainty over how effective any of these measures
will be. They include offering makeshift second-generation cards and
conducting ID card distribution services on weekends and workday
evenings, the bureau said.
The new
second-generation, ID cards, first launched in Beijing, Shanghai and
Suzhou in March 2004, were officially distributed nationwide to
replace their existing ID card, which was made from paper and
wrapped in a transparent plastic coating.
About 1.5
million second-generation ID cards have now officially been made and
distributed in Beijing. The First-generation ID cards will be put
out of production and distribution this month (January 2005), the
bureau said. The shift is expected to finish by the end of 2008, and
both cards will co-exist before the replacement is complete.
According to a
report on the smart card market in China, recently released by the
Chinese Centre for Information Industry Development (CCID), the
market for smart cards exceeded 500 million in 2004 and the market
demand will be in excess of 689 million by 2006.Sectors
to witness the most significant growth will be in Telecom, Banking,
Urban Public Transport, Identity for National ID cards and Travel
Documents (E-passport)
and the market
of ID cards and bankcards will be the main target of manufacturers.
Due to the
development of identity market, biometrics will catch up at a rapid
pace in China within the next five years.
Ben
Bowmaker
- END -
Whilst the
technologies to support the adoption of Identity (ID) Cards continue
to evolve apace, the debate rages as to whether the introduction of
such a scheme into the UK
is good or bad.
The Identity
Cards Bill was introduced into the House of Commons on 29th November
2004. The Bill establishes the framework for the introduction of a
national compulsory identity cards scheme based on secure, biometric
information.
The Government
has stated that it expects the Bill to bring the following benefits:
· a reduction
in illegal migration and illegal working; and better community
relations as a result
· an
enhancement to the UK’s capability to counter terrorism and serious
and organised crime
· reduced
identity fraud
· more
efficient and effective delivery of public services
Supporters of
such schemes often cite their belief that they will make a
significant impact in tackling organised crime, terrorism, illegal
working and illegal immigration.
We examine some
of the key arguments being considered.
Firstly, those in
favour of ID cards usually stress the following anticipated
benefits.
The Pros
Anti-terrorism
In the aftermath
of the tragic events of September 11 and the more recent global acts
of terrorism, identity cards are an important weapon in the ‘War on
Terror’. Political leaders, confronted with this new and potentially
destabilising global threat are now focused on developing their
defence measures include anti-terrorism using sophisticated
equipment and technologies. Indeed, David Blunkett, until recently
Government Home Secretary, has been a staunch advocate of identity
cards to help remedy this problem. Exponents believe that a national
identity card would make it easier for officials to identify who is
coming in and going out of the UK, and therefore spot potential
terrorists. It would also disrupt the use of false identities by
terrorist organisations, for example in the money laundering and
organised crime, which support terrorist activities
Identity theft
Backers claim
that identity theft (adoption of a fictitious name or the name of
another person with or without their consent ) is one of the fastest
growing crimes in the UK
and claim that an ID card scheme in combination with a central
register has the potential to stamp this kind of theft out..
Whilst it would
prevent the would-be criminal from assuming the identity of a dead
person (as the information will be held in a central registry), the
government admits that criminals ‘may’ be able to get a fake ID card
based on an existing false identity. However, they would then be
stuck with it for life so they wouldn’t be able to claim an
inheritance from an actual family member, for example.
Illegal workers and immigration abuse
Proponents of ID
cards also argue that they could deter illegal workers, as anyone
wanting to stay in the UK
would have to register for a card. Arguably, this would make it
easier for employers as they would only need to check a single
database to verify whether someone is eligible to work in the UK.
Public
Services
Benefit cheats
It’s asserted that a national identity register would make it easier
to pick out individuals exploiting the benefits system. It has been
estimated that potential savings could be in the order of £40m-£45m
annually by tackling the problem of people using false identities to
obtain fraudulent welfare payments. Draft legislation has also been
developed which proposes that individual government departments,
such as the Department for Work and Pensions (DWP), be able to
demand ID cards before they pay out.
NHS abuse
If individuals were required to show their card in order to obtain
treatment on the National Health Service, then it is believed by
supporters that the costly misuse of this service could be
dramatically reduced.
Crime reduction
The proponents of
ID cards believe the scheme will assist the police in apprehending
suspected criminals. If for example fingerprints captured at point
of arrest were able to be compared with the national register,
offenders wouldn’t be able to present a false ID.
The Cons
Those opposed to the scheme argue that it would have a
negligible impact on crime and terrorism, as well as posing a
serious threat to time-honoured civil liberties. Let’s examine these
and other issues in more detail.
Privacy threat
Whilst the
proposed bill allows for the central storage of all information
related to an individual using a single registration number (issued
to each UK citizen) the government asserts that the national
register will hold only basic personal details, e.g. name, address,
and date of birth. Nonetheless, civil rights campaigners are
concerned about both the amount of personal information to be held
and the potential for it to be made available to organisations
across the public sector, including the Inland Revenue, Customs &
Excise and the Police. On top of this, concerns have been expressed
about the proliferation of Government databases
Implementation hurdles
The accurate
capture of data (such as biometric details) have proven to be
problematic in recent trials. Notably, the government put back by a
month a trial of a scheme among 10,000 people and cut the project
from six to three months due to problems with the existing hardware
and software used for biometrics scanning and recognition.
Some of the
issues have been related to technologies, but there’s also concern
regarding the authorities’ ability to implement such a system which
requires the introduction and maintenance of a totally accurate,
secure national register.
System Failure
It is argued that
ID card schemes are based on untried technology, thereby increasing
significantly the likelihood of implementation problems and
large-scale system crashes.
Insignificant impact on crime and terrorism
Doubters argue
that identity cards would be ineffective in reducing crime,
asserting that the biggest problem for the police lay not in
identifying individuals, but rather in linking an individual to a
crime.
There’s no
guarantee that a national ID card and register will deter
terrorists, argues Privacy International in a report entitled
‘Mistaken Identity; Exploring the Relationship Between National
Identity Cards and the Prevention of Terrorism’, which examines key
criteria used to assess the threat of terrorism. The report
concludes that there is no link between ID cards and anti-terrorism
measures. Almost two thirds of known terrorists operate under their
own identity and of the ten most common methods terrorists use to
enter a country, just one would be prevented by ID cards.
Criminal record
With new crimes
and penalties proposed for failing to register their biometric data,
individuals could become liable for a prison sentence or a limitless
rolling fine. Thus, detractors express the concern that many people
could end up being unnecessarily criminalised or wrongly imprisoned.
Level of costs
Official figures
estimate the total cost of introducing a national ID card scheme to
be between £1.3 billion and £3.1 billion, a figure that critics say
is vastly underestimated. Privacy International believes that the
total cost could exceed £6 billion (if you include the cost of
biometric readers or the cost to individuals of replacing stolen or
lost cards). Also, there will be a substantial increase in the cost
to individuals for acquiring a these new types of ID - passport
(approx. £77) and driver’s licence (approx. £73).
Disproportionate impact on ethnic minorities
Those concerned
about this issue have stressed that in view of the fact that black
people are eight more times more likely than white people to be
subjected to police stop-and-search powers, and Asians three times
more likely, that some police officers could abuse the system.
Johnnie
Sam
- END -
Facing up to the new
world order
Companies are waking up to the realisation that a vulnerable
enterprise IT network is also an acute business risk, and many
corporations are switching to smart card technology to ensure
enterprise security. What used to be an issue for IT departments has
now become something increasingly decided at a high management
level.
Today, businesses are starting to wake up to the fact that if they
don’t adequately protect their infrastructure they could be targets
of an attack that might prove financially costly – not to mention a
major PR disaster. Paying lip service to security is no longer an
option with most businesses now understanding the inherent risks of
operating an insecure system.
Today’s
widespread use of information systems and internet technology has
transformed the way we work, communicate and conduct business but we
have also become exposed to threats on sensitive and confidential
corporate data. Though most companies tend to focus on external
threats, recent reports claim 80% of network intrusions result from
insider abuse of network access (CSI 2003). Standard password-based
systems continually prove an inadequate approach to engage these
problems, which is why alternative technologies have emerged to help
make the work place more secure.
Today many
organisations, such as Microsoft and Sun Microsystems, recognise
smart cards provide one of the most reliable forms of electronic
identification, action as the cardholder’s access key to information
and services in both on – and – off-line mode. With the ability to
store, protect and modify information written to the card’s
microchip, smart cards offer flexibility and options for information
sharing and transfer. The card’s dynamic ability to communicate with
information systems expedites traditionally lengthy identification
processes, virtually eliminating paperwork and manual data entry,
while streamlining operations and reducing costs.
Within a
corporation, smart cards allow secure and convenient access to
company networks from any fixed wireless terminal. Whether it’s from
an office workstation, or remote access via a VPN or WLAN for
travellers and remote workers, there is a need for security in terms
of access control, protection user identity, mutual authentication,
confidentiality, session integrity and reliable key exchange, in
order to prevent a third party from unlawful access to intellectual
property assets.
The smart
card’s ability to store and manage employee identify credentials,
passwords and encryption keys, in combination with a easy-to-use
form factor, opens up possibilities that standard username/password
solutions – both form a security and convenience standpoint – cannot
compete with.
More
importantly, the 2-factor authentication achieved through something
you have – the card, and something you know – the PIN, reduces the
risk of someone else accessing your computer, as the card
automatically locks your workstation when removed form the reader.
Moreover, smart card-based solutions can add new security services
beyond the traditional authentication, such as digital signing and
encryption of e-mail, documents and web forms.
Enterprise
security. As mentioned above, such cards may act as a means of
accessing computer networks, but the very same badge can also be
used for building access, or even for basic purchases in the
corporate canteen or vending machines. The card holder gets access
to discounted corporate facilities, while the company has a more
secure access system backed up by an audit trail of who has entered
the various areas of the enterprise.
For example,
IBM uses smart card technology for both employee security and
vending. Other technology companies now adopting smart cards for
enterprise security include Sun Microsystems, which uses a solution
called Javabadge for network and physical security. Meanwhile,
Microsoft operates a scheme that is used by more than 25,000
employees, as well as contractors and other authorised users for
physical access control and remote access to Microsoft’s corporate
network.
A raft of
other organisations, spanning car manufacturers, pharmaceutical
firms and aviation companies are using or have signed agreements to
adopt the technology. Furthermore as the business climate changes,
the use of smart cards as employee ID is no longer restricted to the
major corporations demanding volumes in the tens of thousands. The
new IT era, with its subsequent impact on communication and
information sharing has significantly raised the bar for creating
secure corporate environments. As a result, companies of all sizes
are now beginning to evaluate the technology. A Frost & Sullivan
study in 2003 found that over a third of the Fortune 500 companies
interviewed plan to implement smart cards to enhance network
security by 2006.
Interest in
smart cards for enterprise-wide security is heating up for a number
of reasons. On the technology front, the development of
multi-application cards delivered via both contact and contactless
interfaces enables business to use the technology throughout the
enterprise for a host of applications. Furthermore, smart cards have
experienced a large boost in awareness in the corporate enterprise
community in the last few years.
Growing
interest in the use of digital certificates on multi-application
cards is also helping fuel demand. As digital technology develops,
companies of all size have growing requirements for secure digital
communications, remote access and encryption. By adding strong
levels of authentication, such developments are enabling more
organisations to enjoy the financial benefits of operating ‘hot
desk’ environments.
Many of the
obstacles that were previously slowing adoption of smart cards have
been now removed. Reader infrastructure has become easier to deploy
thanks to standardisation of reader drivers in Microsoft operating
systems and widespread integration of smart card interfaces into
desktop PC keyboards and notebooks. Integration of smart cards in
Microsoft environments has been simplified due to increased support
in Windows 2000 & XP clients and Windows 2003 server and PKI
technologies. For remote authentication, smart cards are now able to
replace one-time passwords through SSL and IPSEC based VPNs.
Another aspect
of smart card technology is its capability to be added into an
existing legacy system for physical access. A contact chip for
logical security services can easily be embedded in already issued
proximity or magnetic stripe cards, hence preserving previous
security investments and fully utilising current resources without
disruption.
Instead of
being costly to implement, smart card technology is now emerging as
a major force, thanks to its capability to host several functions on
one identification device, which in turn promotes user friendliness
and helps lower administration and support costs.
Ben
Bowmaker
- END -
|
