[Politech] U.K. firm boasts totally "hacker proof" ID card system, claims to be serious [priv]

From: Declan McCullagh (declan@private)
Date: Tue Jun 28 2005 - 22:10:26 PDT

-------- Original Message --------
Subject: Oh dear - Don't worry about UK ID card insecurity - here's a 
totally 'hacker proof' system
Date: Tue, 28 Jun 2005 20:05:49 +0100
From: Ben Tudor <Ben_Tudor@private>
To: declan@private, danny@private, schneier@private, 
"Iain Thomson" <Iain_Thomson@private>

This press release makes an IT journo's job look rather like shooting fin
tuna in a barrel. Using cluster bombs.
There's so many holes in the argument presented in this press release that
I almost don't know where to start.
Now that I know a company has been working on 'hush-hush software', of
course, all my concerns about national ID cards have simply sloughed away.


Ben Tudor
Features Editor
Computer Reseller News


----- Forwarded by Ben Tudor/VNUBPL/UK on 28/06/05 07:53 pm -----
|         |           <ukdistribute@ccnmatt|
|         |           hews.co.uk>          |
|         |                                |
|         |           28/06/05 07:23 pm    |
   |       To:       "ben_tudor@private" <ben_tudor@private> 
   |       cc: 
   |       Subject:  Biometric ID Card breakthrough 

Send Date:28-Jun-2005 19:21


June 29th 2005

Further information: 02476 236644

Press Office: John Fisher - 01785 840978
M: 07808 171 664


Biometric Innovation Breakthrough answers UK ID Card Security Fears

A biometric identity card system that is hacker and thief-proof and puts
the missing privacy and security into the UK ID project - has been unveiled
today (Wednesday).

The British inventors of the BiometricPIN system say the system can be used
in the new UK ID cards, overcoming all security fears and objections and
putting control on the use of biometrics in the hands of the user. Instead
of using a single, easily lifted or stolen fingerprint, BiometricPIN will
allow any sequence of finger prints determined by the user. No one has been
able to achieve this so far and the implications will be global as spin-off
projects emerge.

The sequence creates a digital pattern that can only be recreated by the
user. When it is stored on a Government or central database it simply
becomes an unidentifiable "blob" that cannot be stolen.

Behind the world-first breakthrough is West Midlands biometric company,
Senselect Limited, which has been working on the hush-hush software-based
system for five years. John Topping, Managing Director of Senselect, said
BiometricPIN would have implications for everyday life across the world,
but the company has concentrated so far on the ID card security problem and
the "big brother" fears it instills in people.

"This is totally secure, fast and "hacker-proof", said Mr Topping. "The
sequence simply cannot be replicated by anyone other than by the user. It
also allows the user to determine just how much information others can see
about them. A doctor, for example, could be restricted to medical history
whilst a bartender will only get confirmation that the customer is over

With BionetricPIN there will be no "big brother", said John Topping and
identities stored on Government databases are safe from theft. With single
finger biometrics everyone has a right to be scared because, while you can
change a pin number if you are compromised, fingerprints are for life.

Biometrics using single fingerprints as an identifier have been used for
some years, and despite them being capable of being "lifted", their use has
grown. Their use in government ID cards - even with the backup of iris and
facial biometrics - is considered a step backwards by many.

"With BiometricPIN there would be total security as the pattern decided on
uniquely by the user cannot be lifted from a single finger reader or hacked
from a database", said John Topping. "BiometricPIN produces a unique
biometric print that just cannot be copied. It also needs live fingers."

Mr Topping said BiometricPIN would solve a huge worldwide problem. Anyone
concerned that their ID could be copied can rest assured that this will
allay all their fears. Protecting peoples ID is already written into our
law but with BiometricPIN it will be in the hands of the user. Senselect
says BiometricPIN, because it is software-based, can be used in conjunction
with all existing technology, along with iris and facial biometric systems.

The company says it already has several European governments interested in
implementing BiometricPIN and Senselect has produced a set of security
standards for cross border biometric identification. This is now being
considered by the European Union for adoption.

Added John Topping: "We believe we have solved a huge problem for the world
and are ready to share our knowledge. This is the biggest breakthrough in
computer technology for many years and will have a huge impact on everyday
commerce as further applications for BiometricPIN emerge".


Senselect Limited
Coventry University Technology Park
The Innovation Centre
Puma Way
Coventry, UK, CV1 2TT


For further information, please reply to john.g.fisher@private

VNU BUSINESS PUBLICATIONS LIMITED (VNU)  32-34 Broadwick Street, London,
W1A 2HG  Tel: +44 (0) 20 7316 9000  Fax: +44 (0) 20 7316 9003  This e-mail
is confidential and is intended for the use of the addressee only. If you
are not the intended recipient, you are hereby notified that any use or
dissemination of this communication or any part of it is strictly
prohibited. If you receive this transmission in error, please notify VNU
immediately using the contact details above and then delete this e-mail.
Please note that e-mail may be susceptible to data corruption, interception
and unauthorised amendment. VNU does not accept any liability for any such
corruption, interception, amendment or the consequences thereof.

Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)

This archive was generated by hypermail 2.1.3 : Tue Jun 28 2005 - 22:50:13 PDT