The UK has announced a roadmap containing initial plans to roll out a digital ID scheme and, naturally, there are some significant security concerns from experts in the field.
STEP BY STEP BY STEP – Digital ID
— Aidan Joyce (@AidanJoyce) March 13, 2022
UK gov unveils plan for nationwide digital identity scheme https://t.co/GIj2320Dx3 via @ITPro
The launch of a digital ID scheme brings with it some security concerns and it will be interesting to see the approach that the government will take with this scheme.
There are emerging standards for self-sovereign identity (SSI) schemes where credentials are stored by the individuals and typically use a blockchain-based authenticity mechanism. The alternative is a centralised scheme much like our NHS Covid passports where all the credentials are held centrally. Each has its advantages and pitfalls. A centralised scheme is vulnerable to mass compromise and data theft which can then be used for identity fraud. A distributed scheme is much better for privacy but means that end-users need to take more care to ensure that their credentials are safe by, for example, keeping backups.
In either case, the means for asserting and validating the credentials is a potential weak point. Most likely this will be a mobile app like in the case of the Covid passport. Mobile apps will need a high degree of integrity controls built in to ensure that credentials can’t be stolen or malicious assertions can’t be made. Any verification app will need similar controls to ensure that the verification process can’t be subverted. As an example, consider where a citizen might be asserting their driving license as identity and proof of eligibility to hire a car. If this process can be subverted then a bad actor could simply steal the car using a fake driving licence.
Though governments are always the first to claim that security is the highest priority, that’s not always the case in the product we see. Governments need to ensure that they are implementing suitable in-app protection tools to ensure that app hijacking cannot take place.