Linking the person to the UK identity card

by Stephen Mason

This article considers the linking of the identity of the person to the identity card, in particular, how biometric measurements can help to link the holder of the card to the information stored on the card.

Introduction

An identity card is issued to record the process of registration. When issuing a card, the intention is to link the information recorded on the card with the person that the card was issued to.  

There are several considerations that must be addressed when issuing any form of identity document: the need for reliability; the prevention of manipulation and the counterfeiting of cards; the data accurately reflects the information recorded on the register; and when a card is issued, it is necessary that the person to whom the card was issued is clearly identified as the same person that was registered, and the card is able to clearly demonstrate that the person to whom the card was issued is the same person in physical possession of the card.

Paper passports and identity cards have been issued for centuries, and in the nineteenth century, governments used the rapid developments in technology to counteract the actions of forgers: a struggle that continues to this day.  The inclusion of engraving on passports required a forger to pay an engraver; then the development of ‘security paper’ was used, not always successfully, to prevent the reprinting of passports with sophisticated printing techniques, and to prevent the manipulation of passports by using special types of ink.  For instance, the passports issued by Prussia in the mid to late nineteenth century were so sophisticated, that the security features prevent modern copiers from reproducing the document.

The use of digital technology may help to resolve some of these issues, but it is not certain.  The use of the physical attributes of a person in the form of biometric measurements may go some way to provide a strong link between the information recorded on the card and the person in possession of the card – and to be successful, it will be necessary to include more than one form of biometric measurement, either on the card, or on the register and on the card.  

Ideally, the measurements chosen ought to use the best available technology to enhance security and significantly reduce the risks of forgery and manipulation.

The purpose of the national identity register

One of the most important considerations about a registration card is the purpose for which it is designed.  The purpose of the national identity register can be divined by considering two sections of the Identity Cards Act 2006.  

First, section 1(3) provides for a ‘reliable record of registrable facts about individuals in the United Kingdom’ and section 1(3)(a) suggests that it will be a ‘convenient method for such individuals to prove registrable facts about themselves to others who reasonably require proof’, and section 1(3)(b) refers to a method of ascertaining and verifying registrable facts about people ‘wherever that is necessary in the public interest.’

The public interest includes national security; the prevention or detection of crime; the enforcement of immigration controls; the enforcement of prohibitions on unauthorised working or employment; and to secure the efficient and effective provision of public services (section 4).  It is recognized that a registration card will not prevent terrorism or reduce crime, but it is conceivable that the use of such a card may act deter some, and for others, they will merely alter the point of attack.

The data required to fulfil the purpose

In order to know what data is necessary to fulfil the purpose under the Act, it is necessary to know what a registrable fact is.

This is set out in section 5, and includes the identity of the person (section 7 sets out what this includes: full name; other names by which the person is or has previously been known; gender; date and place of birth and, if dead, the date of death; and external characteristics that are capable of being used for the purpose of identification); the present and all previous addresses of the person; where and when the person was previously resident; their current and previous residential status; information about numbers allocated to the person for identification purposes and about the documents to which they relate; information about occasions on which information recorded about the person in the Register has been provided to any person; and information recorded in the Register at the request of the person (Schedule 1 provides more detail).

Clearly, a great deal of information is included about each individual.  The sheer amount of information will lead the perceptive reader to acknowledge that the card will be much sought after by people with a nefarious intent, and the enrolment and verification process will be crucial in ensuring the data is accurate and correct.  Any failure in the enrolment process or the technology will undermine the purpose of the register.

The meaning of identity

Generally, the meaning of identity is that of personal identity, which describes the condition or fact of continuity of personal existence.  Another important part of the concept of identification is the ability to establish a continuity of association with   an individual, that is whether the person now presenting himself or herself is the same person that presented themselves on a previous occasion.

The precise meaning of personal identity differs, according to the circumstances. Personal identity can be the unique name of an individual, a name and an address, a name and a date of birth, or perhaps a name and an occupation.  An identity can be the establishment of a relationship between one manifestation of personal activity and another.

An example is where a patent is to be transferred from the person named in the register to a third party.  The person acquiring the title needs to derive a satisfactory title to the patent.  They must establish a link between the person named in the register and the person they are dealing with, or with the predecessor-in-title.  

This illustrates the point that there is a need to distinguish between the concept of identity and information associated with identity, such as the name, address and nationality of an individual.  This distinction is important, because our identity does not change, but information relating to identity does.  It is where an attempt is made to identify people by using the information linked with identity, that things go wrong.

Alternatively, identity can be a condition of being, identified for a purpose.  One example is when an individual is prosecuted for driving while disqualified.  It might be necessary to prove that the person before the court is the same person as was previously disqualified.  If this can be proved, it does not matter whether they have the same name, address or occupation as when they were disqualified previously.

Equally, some individuals may wish to be known under a nom de plume.  There are perfectly good reasons for this, such as where an author writes fiction, but does not wish to confuse their real life identity with their activities as creative writer.  

Two English examples are that of C. L. Dodgson, who lectured in mathematics at Oxford University during the nineteenth century and wrote under the name of Lewis Carroll, and Mary Ann Evans, who wrote under the name of George Eliot.

For the purposes of this article, it will be taken that ‘identity’ means the personal identity of an individual person that is linked to their existence by means of their birth certificate.  

In the case of a woman who, upon marriage, takes her husband’s family name, the root of her identity remains with her birth certificate, and the marriage certificate provides the evidence that she has adopted the name of her husband.

Verification of the individual

The most basic document relating to identity, the birth certificate, does not prove that the holder of the certificate is the person whose birth is recorded in the certificate.  There is no nexus between the content recorded on the birth certificate and the holder, despite the legal presumptions that apply.  Although a birth certificate is a record of the birth of an individual, it does not follow that the person whose name is identified on the certificate is same person as the individual in whose possession the certificate rests.

In the absence of proof of a link between the holder of a birth certificate and the content, the assertion of identity rests on the proposition that a person’s identity is demonstrated by the record of a birth, entered in a birth certificate, which in itself is not capable of proving the link between the individual and the certificate.  The identity of an individual is predicated on the existence of the record of their birth.  

This evidence can be described as the foundation document that links the individual to their identity.  Until recently, this record was rarely used as evidence to corroborate the identity of an individual when issuing other documents, such as a passport or driving licence, or to open a bank account.

In contemporary society, more diverse types of evidence are available that serve to corroborate the identity of an individual.

The longer a person lives, the more frequently they interact with agencies that create their own records.  As a result, the link between the original record of birth as evidence of identity may cease to be relevant because it is too remote, or no such link may have been made when other records are created.  In many, if not most instances, a document that is also used to corroborate identity is created without a direct reference to the certificate of birth.  In this respect, the independent recognition of identity will also exist within a context other than by evidence of birth.  

There are a range of records, both public and private, that do not identify an individual, but form a pattern of behaviour or history of events, and are available as a means of reference, such as: government records (passport – which is a travel document; driving licence – which is a permit to drive; national insurance number – the purpose of which is to record national insurance contributions and income tax, and for claiming benefits); local authority records (records of the names of the occupiers of a dwelling for the purposes of collecting local taxes, registering the occupants on the register of electors); bank accounts; credit reference agencies; Inland Revenue tax notification; telephone and utility payment history; credit card reference and other such examples.  

It is possible to corroborate a person’s identity by referring to such records, even if these are records of daily activities or grants of permissions, rather than evidence of the identity of the individual.

The strength of the biographical history acts to bind the identity of an individual to a historical record of daily events.  If such records are to have any meaning, it is important that they are accurate if they are to be relied upon to corroborate a person’s identity.  It is difficult to link identity to a physical token, although it is possible to strengthen the information linking the person to the registration card.

The signature as a means of preventing fraud

Of interest from a legal point of view is the additional information set out in Schedule 1 to the Act, especially the provisions for the inclusion of identifying information in the register and on the card.

This may include a photograph of the person, their signature, fingerprints and other biometric information.  At present, most documents include a scanned manuscript signature of the individual, such as on a driving license.  However, manuscript signatures are notoriously easy to forge, and even experts only mange to identify forgeries fifty per cent of the time.

If the signature of a person recorded on an identity card is to have any value as a form of security as well as to prevent the misuse of the card, it may be that the agency responsible for implementing the identity card might consider the use of some of the technologies available in terms of a biodynamic version of a manuscript signature, where a person can write their manuscript signature by using a special pen and pad.

The signature is reproduced on the computer screen and a series of measurements record the behaviour of the person as they perform the action.  The measurements include the speed, rhythm, pattern, habit, stroke sequence and dynamics that are unique to the individual at the time they write their signature.  

Advances in technology are capable of providing for the assurance that a biodynamic signature cannot easily be forged, unlike a scanned manuscript signature.  If such technology were available, then the inclusion of a signature on the identity card, and a replacement of the justifiably maligned PIN, might prove to be a significant advance.

The point is, advances in technology will continue, and the replacement of the PIN ought to be on the agenda of every organization that relies on the PIN.  The manuscript signature is unique to the individual, and is very difficult to replicate, which makes the biodynamic signature such an attractive proposition.  It is also easier for a person to remember, no matter how old they are, unlike a PIN.

If a technological solution were sufficiently robust to demonstrate the near impossibility of forging a biodynamic signature, arguably the identity card may prove to be useful in some legal circumstances, especially where a lawyer or notary might need to be convinced that the signature of the person is that of the genuine person, and not some impostor.

Biometric measurements tend be used to authenticate the person (such as an iris scan, or fingerprints for example), and the person is then required to sign a document physically, although biodynamic versions of the manuscript signature are increasingly being used by notaries in the USA, which act to verify the means of authentication, whilst also performing as an electronic signature.

Consider a man who jointly owns a house with his wife, and divorces her.  He marries another woman, who adopts his name.  He and his second wife sell the house, and the second wife signs the documents in her married name.  Unless the lawyer managing the sale is aware that the wife that is signing the papers is not the person that is the joint owner of the property, it is conceivable (and this has occurred) that the first wife will then have to take legal action to recover her share of the property. 

A similar problem was highlighted in ‘First Person’ in the FT Weekend, May 10/11 2008 on page 7.  A thief obtained a scanned copy of a deed with the manuscript signature of the owner of the house they were renting.  The thief, part of a group that stole houses, forged the signature and sold the house.  It took the rightful owner some time to prove the house did not belong to the thief.  

In such circumstances, it is possible for a registry, such as the land registry, to have a record of the first signature, perhaps a biometric manuscript signature, so the different biometric signatures can be compared before the transaction for the sale of the land is irrevocable.

Concluding remarks

The reader ought to be aware that introduction of an ‘identity card’ was (and remains) an anathema to the author.  However, given the development of the networked world, which exists in parallel to the physical world, there are a number of compelling arguments for individuals to take action to protect their identity.  

If an ‘identity card’ is introduced that has a sufficient number of robust measures in place to make it difficult to forge or almost impossible to alter, it is conceivable that the card, providing the registration process is suitably robust, may go a long way to providing a benefit to individual holders, both practically and legally.

© Stephen Mason, 2008

(This article was first published in Biometric Technology Today, May 2008, 9-12.  KeCrypt Systems Limited have been granted an exclusive license by the author to distribute this article during 2008 – 2010)

About the Author

Stephen Mason is a barrister and a member of the IT Panel of the General Council of the Bar of England and Wales.

He is the author of: Electronic Signatures in Law (Tottel, 2nd edn, 2007)’ and E-mail, networks and the internet: A concise guide to compliance with the law (xpl publications, 6th edn, 2006) ISBN 1 85811 3563.

He is also the general editor of: International Electronic Evidence, (British Institute of International and Comparative Law, 2008), Electronic Evidence: Disclosure, Discovery & Admissibility, (LexisNexis Butterworths, 2007) and Digital Evidence and Electronic Signature Law Review.