Photos: Famous fraudster hits out at ID cards

Photos: Famous fraudster hits out at ID cards

Summary: At the RSA Conference, subject of the Hollywood film Catch Me If You Can Frank Abagnale claimed the security of the ID cards scheme could be easily compromised

SHARE:
TOPICS: Security
2

 |  Image 1 of 4

  • Thumbnail 1
  • Thumbnail 2
  • Thumbnail 3
  • Thumbnail 4
  • Frank Abagnale, a  one-time fraudster who now works with law-enforcement agencies, strongly criticised the UK ID cards scheme at the RSA Conference Europe 2007 on Wednesday. At a press Q&A session before his keynote, Abagnale said that one weak link in an organisation can compromise the whole system.

    "With the ID cards scheme, all it takes is one weak civil servant to be bought off, and one weak link can [compromise the system]," said Abagnale. "I'm not big on ID cards — you're giving the government information that someone else can access. ID cards make it 100 times easier to steal that information, because it's concentrated in one place. Nothing is really secure; if the money is right, you can forge a passport to back fraudulent activities — you can forge ID cards. You can replicate holograms, dyes in paper, and give terrorists access to Britain."

    The Home Office has denied in the past that the human factor could be a problem for the ID cards scheme.

    "There are heavy penalties in the Identity Cards Act for such abuse of access, and the vetting of staff and handling of identity information is something we and lots of other departments deal with already — today and every day. Not to mention that the scheme will have to be accredited to the highest standards by HM Government's security advisers, and that an independent National Identity Scheme commissioner will be appointed to oversee the operation of the scheme," a Home Office spokesperson said.

    In his keynote, which closed the two-day show, Abagnale told the audience of security professionals about his experiences of being on the wrong side of the law, depicted in the 2003 film Catch Me If You Can, directed by Steven Spielberg and starring Leonardo DiCaprio as Abagnale and Tom Hanks as FBI agent Carl Hanratty.

    Silicon.com's Gemma Simpson contributed to this article.

  • Bruce Schneier, founder and chief technical officer of BT Counterpane, told RSA delegates that they should not necessarily trust security vendors to give a fair representation of the security of those products.

    "There might be a political bent to security decisions, or there might be a marketing bent," said Schneier. "People selling smartcards [for example] will do a lot to convince us that smartcards are the answer to security problems. For every company that's secure, there's at least one 'me too'."

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • Why are they still doing this?

    Now a prime representative of the folks we do NOT want getting our data is saying that the ID card database will make it easier to get hold of not harder. He is also giving us the mechanism by which it would be done.

    In the past it has been folks from the security services, private security experts, senior police officers, academics etc etc etc. Polls suggest that the general public are more and more suspicious of this project. The only senior people that seem to be saying that this is all a good idea are the Home Office and the Labour party.

    Why oh why then are we still sloshing millions and eventually billions into this scheme?

    It would seem to be pure hutzpa on the part of our great leaders. "We know best. You just shut up."

    If you want to see more about this issue, try going to www.no2id.net
    Andrew Meredith
  • You don't need experts, just listen to the people!

    It is actually going to be very easy to get a "valid" card complete with your own bio-data on it.

    All you'll need is supporting documents that are already forged. We all know it's easy to get hold of birth certificates, NI numbers and drivers licenses. If the systems around the supporting documents is weak, then so is the ID card system.

    The problem with the ID card is that it will be accepted as absolute proof of identity. Without question you will be the person on that card. At least at the moment you have to provide a couple of supporting documents.

    Personally I would have thought the money was better spent on making those supporting documents more secure. At the end of the day we will have spent billions on a card that is going to be used to join your local video shop.
    45272