Electronic passports within a few years

[cleanbash]

Within a few years some countries will use electronic passports. The technical design of the identificationchips is almost finished. The German company Infineon has finished research and is busy to stabilize the system. The chip could carry three biological human features such as a fingerprint, irisprint and a digital photo.

The only bottleneck of this system is privacy because countries cannot store all this information in large databases without breaking a privacy rule.

The information on the chip should also be encrypted and protected because of fraud, otherwise this is a dangerous system. Why not keep the normal paper passports.

See some related information at http://www.eetimes.com/sys/news/OEG20030609S0062

[dopeydadwarf]

Normal paper passports can be created with a good printer and a stolen identity. This system however intrusive. Is both a huge step towards protection, and possibly the birth of new forms of identity theft. With the ideas of finger print scans and retina scans, it would be harder to pass yourself off as somebody else. But with all this information being passed around on an international level. We will be subject to less privacy. It will also breed a new criminal. One that will figure out how to replace pictures and finger prints and retnia scans of their victim, with their own of course. Plain and simple this method would offer an update to identity theft security. But eventually it will be exploited just like everything else has been. Point? Nothing is 100% safe. It is only as safe as you allow it to be. Protect yourself.

[CyberSpyder]

that's really a concern.

[VictorKaum]

Within a few years?

In Belgium they already started with the electronic identity card, I'm even citizen of one of the cities that test the digital identity card. So it's not something for over several years but it's the present.

The BelPic-project (Belgian Project introducing an electronic identity card) started the second of june. The introduction project will go on for 6 months after those months a commission evaluates the project.

[MrLinus]

Victor,

What's an "electronic identity card"? I know that my new passport has a digitized picture and signature on it (new fangled thingy anti-counterfeit thingy). Is your identity card similar?

[VictorKaum]

---
I don't have the newest card yet, cause I got one without chip just before the project (btw my so called 'old' card already contains the things you described MsM).
Only people that have to renew (every 5 years), people that became 12 years old after second of june, and those who changed their adress, or card got lost or stolen get a new digital one, you can also ask for a new one (costs you 12,5 Euro).
---

The card itself:

Digital protected prints? No it's a step further, it has a chip on it, this chip contains your personal info. You can also choose to add a digital signature, this signature has the same legal power as a real signature. Therefor you can use it to sign stuff online if you have a card reader that can decrypt the stuff. Further you can use that digital signature to verify stuff and to do transactions (for instance asking for governemental documents for building a house, communicate with your cityhall, ask questions about your personal files at police,...).
So basicly instead of the info been put right on your card, it's in a chip.

The electronic signature is protected by a personal pin-code. On the chip itself are certificates that have to be renewed every 5 year to ensure secure data communication.

[lord_darkside_x]

the chip in a card idea is not the worst i have heard. i do see security risks in it but those exist everywhere. i do not agree with the idea of a chip implanted in the body though (which is supposed to be like phase 2 to follow id cards) as for privacy concerns... most information that we think is provate is not. social security numbers and credit card information are all over the place. i work at a major department store in the us and you would be shocked to find out that in my store alone we processed over 2300 new credit applications in 6 months. each of those applications requires a unique ss# that is typed into a pinpad and in many cases written down or spoken aloud. every reciept that is printed on a credit transaction that is signed by the card holder contains the card number which could easily be stolen. privacy and personal security are at risk from outsiders, but i think one of the biggest problems is lax security on a personal level... people need to act more secure to be more secure

[VictorKaum]

lord_darkside_x, while there are risks, I personaly believe this type of card is more secure than paper cards. You need to have the knowledge to make the chip, it uses special certificates (sort of like pgp does) so the info is not read out easily, next the signature you set is protected with a pin-code (the same as bankcards), the complete 'password' info is never exchanged, so you can't sniff the communication and read out the codes. It works similar like proton cards. To verify, the chip in the card and the card reader play a sort of encrypted Q&A game. With the info from those Q&A they can reconstruct the info. NOthing is completly secure, but I doubt it's easier to hardcode info into a chip than steel some empty paper cards out of a city hall and fill them in yourself. Chips inside people... hmm that's something else

Besides no one can see or read your personal pin-code (if you don't put it on some post-it or let someone watch when you enter it), so it becomes useless when stolen, you can't sign documents with it anymore without the pin-code.

In Belgium we are used to our identity card, you have to take it with you from the age of 16.

[lord_darkside_x]

oh i agree with you totally VK. paper cards are the easiest to duplicate. i was just pointing out that people need to be more self aware and be careful with whom they give information too. social engineering is still a big problem for the theft of info and that sort of thing. i do think that these cards are a decent idea overall.

[VictorKaum]

Indeed when people choose their birthdate as pin-code, or their postalcode... I doubt it will be secure
What you say is very true.