ID cards and iris codes

Ross Anderson Ross.Anderson at cl.cam.ac.uk
Tue, 25 Sep 2001 13:00:52 +0100 

> A look at the archives says that Ross Anderson still 
> participates here, so I hope he'll correct me if I slip up!

You have it about right. The ID card and biometrics issues are
discussed at a number of places in my book, including chapters
6 and 13. The executive summary is that biometric systems work
well for attended applications involving small numbers of 
people, but are generally less suited for mass application.

You're right that, given reliable online systems, there's no
need for cards. Any identification method (even a photo) could
be served online to authorised terminals in order to validate a
claimed identity. So cards are possibly a distraction.

There are specific problems with particular biometric methods.
Iris scanners can be defeated by suitable photographs, or, in
attended use, printed contact lenses. (Given better processing,
FFT artefacts from standard printing could be picked up, but 
the villains would then turn to better printing techniques.)

There are many more system level issues. For example, if one
biometric becomes the standard, then it becomes widely known.
If everyone uses iris codes, then the Mafia knows yours from
the time you ate in one of their retaurants - and Osama knows
Tony Blair's from the high-quality PR photographs No. 10 puts
out.

There are also social exclusion issues. Fingerprint scanners
work less well with the elderly and with manual workers (worn
or damaged prints), while iris scanners work less well with
people whose eyes are dark, such as blacks and Asians (with
the latter being the current target, this should make the
Home Office stop and think).

There are also issues of principle. For example, you don't
want to antagonise Christian fundamentalists (Rev 13:16-18).

Finally, there are also the same issues that you get with ID
generally. The bad guys will have good ID, either through
identify theft (perhaps pre-issue), having genuine IDs issued
by governments that are corrupt or just incompetent (remember
John Stonehouse?), or by social engineering (use the 14-day
temporary ID you get when your smartcard is stolen).

Maybe if my book had come out a few years earlier, and a few
more people had read it, we wouldn't be seeing this avalanche 
of bad ideas. Blowing billions of taxpayers' money on bad
ideas that won't work and that will erode the high level of
support the government currently (and rightly) enjoys is not
the smart thing to do.

Ross