back to article UK.gov fishes for ID ideas

Directgov has asked IT suppliers to come up with new thinking on identity verification. The team, which is now within the Cabinet Office, has issued a pre-tender notice published in the Official Journal of the European Union, saying that it wants feedback on potential requirements for the public sector on all aspects of …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Solved this ten years ago.

    And was told by someone senior (who happened to be paid by one of the major suppliers...)

    “Well, yes it works, but we’re trying to think of something more...” (complicated?|chargable?|difficult? - Who knows what he was thinking, perhaps there were too many notes?)

    Although senior is a relative term, as I’ve long since disagreed with large amounts of what "senior" people say, but (other) people are impressed with qualifications, not whether someone knows what they’re talking about.

    A person who is well read on a subject, but still can’t propose clever ways forward, remains a pundit to me, rather than a domain expert.

    1. Anonymous Coward
      Anonymous Coward

      So what was your solution?

      That senior people waffle about what they're looking for just means they're not telling what they really want. And why, exactly, would that be?

      I do think we need a good solution for this, and while at it have it mesh well with all those other things and organisations that want your identity so they can tack you to their paperwork. Instead of trying to merely oppose that and stop the avalanche of identi-greed, we should focus on finding ways to give them the tools they need (which not necessairily even resembles what they think they want) that also give us our much-needed privacy.

      Now for a way to convince government of this. It is their job to (pay others to) make it work, after all. I mean they're there for us, not the other way around. I missed the website link in the article. Where did directgov put this forward anyway?

  2. Anonymous Coward
    Anonymous Coward

    Identity verification

    Given that the country seems to be crawling with undesirables I'll bet they are now probably regretting giving up the ID cards scheme. Here’s to the Alliance. Nice one guys.

    1. Uncle Slacky Silver badge
      FAIL

      ID Cards = magic solution?

      Of course, and think how much cheaper the ID card scheme is than the amount of benefit fraud etc. committed by said undesirables....NOT.

      1. Anonymous Coward
        Anonymous Coward

        Costs

        ID cards cost 10Bn

        Benefit fraud 25Bn

        25 - 10 = 15Bn .... looks like real money to me?

        1. BristolBachelor Gold badge
          FAIL

          Benefit fraud

          Hold on a minute. The issuing of ID cards stops all benefit fraud? How does that work? Everyone suddenly becomes honest (even if they haven't been forced to have an ID card yet)?

          ID cards probably would've cost what has been said, plus more. PLUS the additional "ID tax" payable directly by everyone that had one, rather than out of the exchequer.

          Perhaps ID cards would have made some benefit fraud more difficult to commit, but it would most certainly not get rid of all of it.

          1. Anonymous Coward
            Stop

            Re: Benefit fraud

            "Hold on a minute. The issuing of ID cards stops all benefit fraud?"

            ----------

            Wrong. It stops terrorists.

            Oh, hang on a minute, it's not terrorists; it's illegal immigration ..... or was it paedophiles? (I'm always mixing those two up). No, I've got it now. It stops under-age drinking ...... er, I think that's it .... or was it something else?

            This is confusing, so let's just say that ID cards will put a stop all of society's ills, and be done with it. OK?

            1. Anonymous Coward
              Anonymous Coward

              ID cards can't solve everything

              For misrepresentation types of fraud clearly a much higher level of state monitoring is required.

              Illegal Immagration, terrorists and Paedophiles probably also require a lot more databases, and the use of CCTV.

              1. Anonymous Coward
                Big Brother

                You Love Big Brother?

                Just imagine: CCTV in every room of every home.

                Just think of all the bad stuff that would stop.

                Most child abuse, including sexual abuse, takes place in the home. Terrorists also exploit domestic privacy to hide their terrorist preparations. Illegal immigrants hide inside flats and houses. And, of course, benefit cheats either lounge around at home, pretending to look for work, or they're out working, pretending they're stuck at home with some sort of disability.

                The abolition of domestic privacy from the authorities would significantly reduce a lot of criminality in our society. Oppose such a policy of CCTV in every room of every home, and you're practically on the side of child molesters, terrorists, illegal immigrants, benefit cheats, and various other criminals and undesirables.

                I take it you support this policy, Titus Technophobe?

                Or do you have something to hide?

                1. Anonymous Coward
                  Anonymous Coward

                  @Title

                  @Oddly the figure I got for ID cards was £10 Billion over 10 years, I then obtained a figure for benefit fraud of 2.5 Billion per year, to match on timescales I then used a 10 year figure for benefit fraud. By your own figures I guess this would be £40 Billion?

                  @AC 'Or do you have something to hide?' Nope I really don't hide much, I am quite exhibitionist. If somebody wants to see me dangly bits and can find my web cam……… Oh yes it's my lady that loves BB. What I support or not is very much up for debate.

                  On a more serious note Martin Owens ‘Economics 102’ is a very compelling argument.

                  1. Intractable Potsherd
                    Stop

                    Whoa, folks ...

                    You are taking this too seriously - "Technophobe" is pronounced "Troll".

                    1. Anonymous Coward
                      Anonymous Coward

                      Troll?

                      You folks just don't notice irony.

        2. Martin Owens

          Economics 102

          ID Cards cost 10Bn in the hands of a few people, most outside of the UK. benefit to uk economy 1Bn.

          Benefit "fraud" 25Bn in the hands of the many, spending money in the UK. benefit to uk economy 25Bn.

          I say we let them have the money, it's a damn site better for the economy than giving money to bankers and wankers.

        3. AD 4
          Stop

          How much would be solved by ID cards?

          The total benefit fraud may well be 25Bn but how much of that could be solved by ID cards? How would they help assessing whether health problems are real or fraudulent? Or who is really living in subsidised housing, or how many children someone has?

        4. Alfred

          Benefit fraud is not identical to fibbing about who you are

          The vast majority of benefit fraud does not involve misrepresenting who you are, but misrepresenting your circumstances. Knowing absolutely for sure that the claimant is who he says he is will have no effect whatsoever on that.

        5. Anonymous Coward
          Anonymous Coward

          costs are wrong

          Benefit fraud costs about £1bn a year.

          Child and working tax credit fraud about £500m a year.

          Errors in claims for the above come to a bit less than £4bn a year.

          So even taking all of those together it's still nowhere near £25bn.

    2. Tom Chiverton 1
      FAIL

      Ummm

      Benefit fraud is, in the vast majority of cases, about mis-reporting circumstances, not identity.

      Do feel free to keep spouting whatever junk enters your mind, however.

  3. RobAtAscolti
    Big Brother

    Look at the new boss, same as the old boss

    So they scrapped the rather obvious big brother style "ID Card" and are now tendering for something a little more subtle. Nice move Camleg.

  4. Anonymous Coward
    Anonymous Coward

    Link

    How about a link to TED where the pre-tender notice is issued. I spend 2 mins on there and could not find it :(

    1. tonyms

      DirectGov pre tender identification verification

      I agree, I have spent 30 miins trying to find the document. Can anyone send a link please

  5. Anonymous Coward
    WTF?

    My MP is My authentication Protocol

    Given that bits of paper, plastic, and copper wire (and the information they carry) are easily replicated by the black market time we went back to the source.

    Police might be forced to think twice before stopping and searching people if they have to ring up and ask for your MP, doctor, old headmaster, boss, etc. Any ID I've ever carried only ever guaranteed that a great and good citizen added their signature to the end of my application to promise that I really am who I (and my ID card) claim me to be.

    "Who am I?"

    "What am I?"

    The law and government has no business messing with metaphysics!

  6. Nigel 11
    Black Helicopters

    Simple

    Identity verification ... It's all been covered here and it's trivially easy. The problem is that when they say "identity verification" that's not what they mean. The control freaks want a database that can creep, ending up with the UK like East Germany once was, but more highly automated.

    ID verification ... issue a photo-ID card or passport with all the information printed on the document also digitally encoded on a chip within it, and protected by a crypto-checksum. Maintain and publish a database containing all the crypto-checksums of issued documents AND NOTHING ELSE. That's basically a file of random numbers. It's completely harmless. Leave the CD on a train, no problem. Distribute copies to banks, the police, the NHS, anyone that may have good reason to verify that an ID card is officially issued rather than a fake.

    The ID document is verified simply by making sure that the crypto checksum contained within the document matches the one stored within the official database.. ZERO PERSONAL DATA IN THE DATABASE. Got it?

    1. Anonymous Coward
      Thumb Up

      Wot he said plus

      This is a case of a new w*nker in government being taken to lunch by the same old w*nkers from industry. I could live with what Nigel has re-tweeted (if it also excludes the n*zi interrogation to get the card.)

      It's just not 5 years enough yet.

    2. sT0rNG b4R3 duRiD
      Thumb Up

      Bloody good idea.

      Thumbs up. You get my vote.

      Was just about to suggest an RFID surgically implanted into everyone's cranium (Hey, it's in the book of Revelations) but this sounds slightly less painful and may slightly reduce the risk of setting off shoplifer alarms whilst shopping in the high street.

    3. Anonymous Coward
      FAIL

      Errrr....

      http://en.wikipedia.org/wiki/Collision_(computer_science) ?

  7. Livinglegend

    Billions wasted

    on the super, new ID card system that no one needs or wants.

    Ideas! Firstly, force it onto the public sector who already have secure ID cards. Then the 'lower orders' will be coerced by lies and carefully placed, biased news stories, just like the ones used for Employment and Support Allowance. Then give doctors and civil servants a bonus for everyone who signs up to use an ID card, just as is used for the number of ESA disabled people failed.

    Only then will we have the ability to control the unwashed, thick headed mass of peasants. They won't know what hit them and then it will be too late as we already give our favourite companies fat, 6 year contracts, while we can claw some back in party donations and treats.

    The government already fails virtually everyone who applies for ESA. If we can rob severely disabled and dying patients so easily of their rightful allowances, ID cards can be imposed without any problem. Go forth and control the great unwashed who you can then track with their ID cards. Yours will be free, if you are members of the 'correct' political parties, peasants will be charged as much as we can squeeze.

    'Heat or eat' for many will become 'heat or renew yearly ID card'. Sorry eating not allowed as the DWP says you are too fat anyway.

  8. Winkypop Silver badge
    Big Brother

    IDs gunna get you....

    One day, hopefully after my demise, the ID bogey mans a gunna get you.

    They will never stop trying to corral the plebs...

  9. Red Bren
    Grenade

    Yet more supplier-led procurement policies

    You don't go into a car showroom and ask the salesman what he thinks you should drive. So why do governments keep asking their suppliers how they should spend our money? Would it have anything to do with the revolving door between the cabinet and the boardroom, where those dishing out the government pork get rewarded with lucrative consultancies when they finally get thrown out?

    If you can't define your own requirements, then you have no requirements, so spend the money on something useful.

    1. BristolBachelor Gold badge
      Badgers

      Yes and No

      You normally do go to a car showroom and ask what you can buy. You then decide for yourself if you want what they offer.

      The governments of old would've gone into a car showroom and said that they want a car that fits into a supermarket car parking space, seats 20 (with each having their own personally set climate control temperature), goes 200mph while averaging 100mpg....

      Or they would've gone to the car showroom and said it must seat 1, and doesn't need brakes and the engine should only have 3h.p. to save money. Then after a few deliveries, they would notice that they can't fit enough poeple into it, and the engine power means that it can only drive down-hill. They would increase the engine power and then find that you can't stop it.....

      Asking companies who may be able to actually deliver a product: "what can you deliver" sounds like very forward thinking.

  10. william henderson 1

    see?

    they haven't gone away after all.

  11. Anonymous Coward
    Boffin

    @Titus Technophobe

    £25 billion in fraud?

    If you actually did some research before spouting bullshit you would know that actual fraud is around the £3.5 billion mark. Which is significantly less than the cost of the ID card scheme.

    1. Anonymous Coward
      Anonymous Coward

      @Anonymous

      and if you project the costs of benefit fraud over 10 Years to match the costs of ID cards? Also I used a figure of £2.5 Billon per annum, assuming that not all of the fraud could be resolved by ID.

      1. Captain Mainwaring
        Pint

        Less than 5 per cent

        When the DSS carried out it's own internal survey of benefit fraud a few years back, it estimated that less than 5% of benefit fraud was down to people misrepresenting their true identities. That means that a majority of the 2.5 billion pound fraud that is reckoned to be lost every year, is down to people mis-representing their personal circumstances rather than lying about who they are. On these figures, the true cost of benefit fraud deriving from uncertainty about an applicant's ID is probably in the region of a couple of hundred million pounds per year or less.

  12. Anonymous Coward
    Anonymous Coward

    The legions of the walking dead return

    ID card legislation still not repealed...

  13. Rogerborg

    Told you so

    All that's changed is that the new contracts will be given to a different set of Old Boys.

  14. Ken 16 Silver badge
    Big Brother

    Bar Code Tattoos

    You know it makes sense!

  15. mittfh

    ID Database

    I never quite saw the need for creating another identity database. Surely HMRC already have a database of (almost) every adult in the UK, and ONS almost certainly maintain an electronic record of census information. Other agencies hold vast amounts of information on large chunks of the UK population, e.g. electoral register, local authorities (council tax), DVLA (drivers), NHS (depending on where you live, either your GP practice or the newfangled summary care record thingy)...

    Now the national DNA database has been severely scaled back, but you could certainly imagine that if a rapid DNA testing kit was invented (that could produce results in a few minutes), a database containing some form of hashcode representation of people's DNA could be set up as an identity register. For cross-checking purposes it would probably need name / address / DOB - but that could easily be achieved with just a single field - a foreign key to one of the other databases.

    And for fairly obvious reasons, tweak the DB code to make it impossible for anyone other than the DB administrator to to bulk export records, log every access request, and automatically run a report every week / month listing those who've made anomalous requests to the DB.

  16. Anonymous Coward
    Anonymous Coward

    ID cards so that there is a remedy against misuse of data

    Agree with Nigel-11 "Simple" above, that an ID card could be data free.

    But that's not going to happen, when linking of databases already takes place.

    I believe that the most valuable purpose of creating an ID database is so that it has a statutory basis, and incorporates remedies against misuse. I should be able to inspect a record of who has accessed my data, through an ID database.

    We currently have the situation, that the jobsworths with access to databases in government, local government, some statutory bodies and NGOs, link their database access through use of credit reference databases, to form the overall link to the other databases that they have access to, with no record that I can inspect for misuse. Credit Reference agencies were given statutory permission to use the Electoral Register without any remedies against them (by Yvette Cooper as the relevant Minister).

    At the simplest level, I have never authorised a credit reference agency to keep a record, and my credit cards were issued before Experian et all were brought into existence. But if there is fraudulent application for credit, that a credit reference agency authorises without my knowledge, it is my credit standing that is detrimentally affected and I have no remedy against the credit reference agency.

    The Government, through the Passport Service, Customs and Revenue, DWP, Driving Licence Agency, NHS database etc., is permitting gratuitous access to personal data, without effective remedies that a Statutory Identity Card should give. Few culprits are caught and sanctioned.

    I want remedies that the Data Protection Act does not provide and an Identity Card should, so the reason for scrapping the ID scheme appears to be so that Civil Servants et all are not made accountable.

  17. SlabMan

    Hold on a minute

    Identity verification means that, when you first apply to use government services online, they need to find out if you are really who you say you are.

    In the old days, they would have sent a form to the address you gave for you to sign and send back, all of which proves - not very much.

    Now it's common to use knowledge-based authentication to ask some questions to which only you (and the credit-reference agency providing the service) know the answers (hmm... anyone spot a potential vulnerability there?).

    So, though this might mean ID cards via the back door (ouch) or an ID database, it could also mean bog-standard, off-the-shelf KBA as used by financial-service providers et al.

    The procurement procedure being followed is long established civil service practice so no brownie points to the new masters there.

    Really, this whole announcement is a lot duller and more common-sensical than some of the commenters would like it to be, if only so they can fulminate against it. If it means goodbye to the ludicrously bad Government Gateway and means that government services can speed up and gain economies of scale for identity verification, bring it on.

    Next - do away with the stupid DirectGov uber-brand.

  18. Anonymous Coward
    Grenade

    Tell us once?

    I think this is the remote authentication of citizens to the "tell us once" service where you are able to update the content of any of the databases hmg holds on you from a single call centre. The problem being remote authentication of individuals who have forgotten their passwords to change data that the call centre itself doesn't have direct access to.

    A lot of work was done by NIST on Knowledge Based Authentication (KBA) that highlighted that it can't really be relied upon for something as important as citizen data (Especially data they want to fine you on for innacuracy like drivers licences).

    The implication is you need a token of some sort. HMG is desperate not to have to support a token for 60m people especially given there is no trusted infrastructure out there to verify your id card/2nd bio passport even if they did manage to issue them.

    What they are asking is how does the DWP verify you are the person you claim to be when you are trying to update your driving license details if you have forgotten your password? Relying on letters to the registered home address is slow, poor service and irrelevant if you've moved away from your last registered address.

  19. Anonymous Coward
    Unhappy

    They can't even administer car IDs, let alone people's IDs

    I've just been told I can't re-tax the car I've been driving for the last 15 months, because the DVLA has no record of it. On ringing them, they state that the car, which is sitting on my drive, has been scrapped off. Or so an insurance company told them!?!

    Lets hope people don't get "scrapped off" under any new ID card system.

This topic is closed for new posts.