Australia Scraps National ID Plan

IPU = Imaginary Property Unicorn writes "The proposed Australian 'Access Card', a universal ID that would be required for any Australian wishing to use Medicare, Centrelink, the Child Support Agency, or Veterans' Affairs, has been scrapped by the incoming Rudd Labor Government. The card would have contained an RFID tag with the person's name, date of birth, gender, address, signature, card number, card expiration date, and Medicare number, but there were also provisions to add more personal data later on. It seems that Rudd Labor is not eager to copy the American REAL ID Act."

Re:Good.

[arivanov]

Actually not quite so.

There are plenty of ways to provide identity that do not require online access to a database. X509 at your service. Tried, tested, works, scales to the size of a population (most continental EU ID cards are actually smartcards wich hold an x509 cert). The only thing the ID reader needs to do is verify that the cert on the card is correct and show the information. This can be done by a sub-10$ mass produced device nowdays. It can also be completely standalone for less important apps and for the more important it needs to check for revoked certs via OCSP. It does not really need access to a centralised database. In fact it is better for an ID like this to hold your photo and your biometric because the verification is done through cryptographic integrity. If it holds them it does not need central database access in 99.99% of the cases.

Issuing the ID is a completely different ball game. There you need a database if you want to avoid identity fraud. The bigger, the nastier, the more comprehensive - the better. As a matter of fact such the databases already exist in most countries, they are reasonably well maintained and they work. These are the taxation system databases and all countries with successful ID systems use these as a primary source of information. A good example of database nations like this is any Scandinavian country and Bulgaria out of the ex-Soviet block.

There is a crucial difference here - the database is accessed only on issuing IDs and on updating/checking tax records. It is not accessed by every wannabie wanker in a small quango office who has declared himself the supreme owner of your identity. This is also the crucial difference between RealID, The UK ID, the Australian ID and working ID projects. These all aim to sneak a provision for tens of thousands of wankers to access your data and they do not try to build on the tax system data (which the tax system office rightfully denies them access to). This is also doomed to be abject failures long before they have even been started because they have to build a database for the whole country from scratch.