1.  SCIENTIFIC ADVICE, RISK AND EVIDENCE IN THE IDENTITY CARDS PROGRAMME

  This section covers the mechanisms by which conclusions are arrived at and the external sources of evidence and guidance used by the Identity Cards team. It will also explain how these data and the conclusions drawn from them are presented to the programme's assurance groups and to ministers.

Risks relating to biometrics

  1.1  Biometrics is a key technology underpinning the delivery of the programme's aims (although it should be noted that the scheme's integrity is not wholly dependent on biometrics because of the biographical or "footprint" checks which will be made on applicants) and so examples on the use of scientific evidence in the Identity Cards programme will be drawn from this area.

  1.2  Some biometrics technology is relatively immature and the whole field is fast-moving. The programme anticipates a biometric scheme comparable to the few, large-scale deployments which currently exist there is a necessity to base our models of the likely performance of the biometric technology on the best scientific evidence. Further, because it is a key dependency, it is necessary to have the best possible assurance of the work done on biometrics and also to ensure that the risks and the potential of biometrics are properly communicated to ministers.

  1.3  The uncertainties over biometric technology and thus those areas which need most attention are encapsulated in several key risks associated with biometrics. These are summarised below:

—  It may be impossible to prevent applicants falsifying (spoofing) their biometrics. This risk can be mitigated through analysing the threat posed and designing the correct detection processes and by ensuring that the deterrent regime is appropriate.

—  The matching of newly enrolled biometrics against all those already enrolled may not be 100% reliable, raising the risk that a very small number of people may be able to enrol more than once without authorisation[1]. Likewise, the matching of an individual's fingerprint or iris against their previously enrolled biometrics in order to verify their identity may not always be reliable. Mitigation of these risks requires modelling the likely distribution of, and the mechanisms behind, these mismatches and then looking at the impact on stakeholders and modelling the ways in which these mismatches will be detected by other, non-biometric, means.

  1.4  Within the context of these risks, key requirements of the biometrics need to be set:

—  Which biometrics should the scheme use, and will these be sufficient to meet the performance demands of the scheme?

—  What are the criteria and tests we should apply to biometric technology suppliers?

  1.5  It is not necessary for the purposes of the programme to embark on publicly-funded scientific research to improve the capabilities of biometrics. Our approach to answering these questions has focused on gathering the best evidence available from existing programmes, academia and suppliers, and on using trials to answer specific questions for which data are not available.

Sources of evidence, advice and assurance

  1.6  We undertook a comprehensive survey of the academic and commercial literature on biometrics, and the published reports available from existing biometric schemes, government laboratories and standards bodies.

  1.7  In 2003 NPL undertook a feasibility study for us on the use of biometrics in a national identity card scheme. One of the recommendations of this report was the trial we ran in 2004 to gather evidence on public perceptions and attitudes towards biometrics and data on the timings of biometric recording and verification processes. This was conducted with UKPS and demonstrated that the overall experience was positive and met or exceeded the expectations of a vast majority of people. It provided some findings on the technology, but was not an assessment of the technological capabilities of biometrics.

  1.8  We are currently funding technical work at NPL to define a methodology to assess the interoperability of fingerprint systems using systems from the four leading fingerprint identifications systems. We are planning a set of trials for 2006 which will look at the relative performance of suppliers' integrated biometric systems in the areas of timing, usability and spoofing-resistance, and the relative performance of suppliers' matching algorithms on a "test" database of biometric records.

  1.9  We are working with leading biometric experts from:

—  US National Institute for Standards & Technology.

—  San Jose University.

—  UK National Physical Laboratory.

—  Members of the Biometrics Working Group.

—  Communications-Electronic Security Group (part of GCHQ) and other experts in the field of fraudulent use of biometrics.

  1.10  We are learning from the experiences of our colleagues from:

—  UK Passport Service (UKPS).

—  Immigration & Nationality Directorate (IND).

—  Police Information Technology Organisation (PITO).

—  International Biometric Identity Cards Schemes such as Hong Kong & the Philippines.

  1.11  We have consulted with leading biometric technology firms in industry:

—  The Identity Card Programme has met with 15 companies involved with biometrics and is currently undertaking further market sounding activity in relation to biometric matching performance. This contact has taken place in accordance with OGC (Office of Government Commerce) procurement rules.

  1.12  We receive assurance on biometrics from a number of sources, principally:

—  We have given evidence on biometrics on two occasions to the Home Office Science and Technology Reference Group (chaired by the Permanent Secretary).

  1.13  The government's Biometrics Assurance Group and the Home Office Senior Biometric Advisor will review biometric aspects of the Identity Cards Programme.

—  Sir David King, the Government's Chief Scientific Adviser, chairs the Biometrics Assurance Group which has been established as a panel of internationally eminent specialists in biometrics and related technologies.

  1.14  Scientific evidence and its meaning for the programme and the output from the programme's assurance bodies are presented to ministers via submissions and face-to-face briefings. Numerical data is frequently presented (eg the current measured levels of passport fraud as a percentage of applications and the anticipated reduction as a result of the introduction of biometrics) as are comparisons with other schemes (both those in other countries such as the US, the UAE, the Netherlands, Hong Kong, the Philippines and Germany and also relevant schemes in the UK such as IDENT1, the Police fingerprint database).

January 2006