People are asking if the proposed ID card scheme can survive the recent data security cock-up. The government are pressing ahead claiming “biometrics” will make everything safe. However, biometrics would not have stopped last week’s data leak because it didn’t happen due to unauthorised access to data, it happened because of incompetent management of the data, cost cutting and human error.
It has now been announced that a simple method, using food gelatine, has been developed, that for less than £20 a go, can fool fingerprint detectors 4 times out of 5.
Biometrics won’t even prevent ID theft. It might even make it easier! Passports and ID Cards will store fingerprint data as a series of numbers on a wireless Chip. These chips can be read with a device near you, but not touching you, similar to a Bluetooth mobile phone. The government claim this doesn’t matter since it is not possible to recreate a fingerprint using the numbers stored on a Passport or ID Card. Unfortunately once again they are wrong! An academic paper published in April showed that mathematicians could reconstruct a fingerprint from this data. To prove the point they printed out the images they made, and then used the food gelatine trick to successfully fool fingerprint readers.
However, the really worrying thing is that once your fingerprint has been stolen and used by thieves or terrorists what can you do? It’s easy to change a stolen PIN Number but how do you change your fingerprint?