Concept, design and evaluation of two competing ideas for a national identification device for UK citizens

Advanced HCI 2007 Coursework
Hilla Neske, 29 March 2007


Concept 1: Oyster ID

The idea

Oyster ID is a multifunction smartcard that will act as a biometric passport and a personal transport ticket as well as a payment and bankcard for shopping and leisure. Smartcards – such as customer loyalty cards, bank cards and credit cards – are already familiar, convenient and universal. Oyster ID will be based on the existing Oyster card, introduced to the UK by London Transport in 2002 to collect fares for London’s mass transit system. The Oyster card system is therefore already well accepted by UK citizens and growing in popularity due to its ease of use. By January 2007, over 10 million people were using the cards.

Oyster ID, besides being a familiar physical identification document, has advanced electronic functions that facilitate secure authentication in connection with nationwide online services. The pocket-size ID card will use biometrics to authenticate the citizenship of its owner. Cards are ISO standard (ISO 14443) contactless memory cards fitted with an RFID chip. The chip will have at least 32 kilobytes of memory to allow for the storing of the holder’s biographic data, such as name, date and country of birth, and his or her biometric data. This data can be read from the card using a contactless reader from up to 10cm away. The card is enhanced with the individual’s iris image, allowing for identification of the holder. Cards are cheap to produce and will be free. Individuals only pay if a card has to be re-issued.

The transactional features of current Oyster cards will be enhanced. The new Oyster ID electronically stores travel details on cards, enabling individuals to be identified reliably and instantly, and giving the holder quick access to the transport network and a secure and easy-to-handle way to pay for goods. It comes with an e-purse function and will let users make retail purchases.

Reading the device

Oyster ID cards will not require physical contact with readers, and can be read from up to a few centimetres away through common materials such as cotton or leather. Individuals can even hold their wallets, jackets or handbags on or near readers. Oyster touch card readers will be installed in public places; the same reading technology will be employed for private transactions in supermarkets or at ATM machines. The card reader will be easily recognisable, bearing a blue and white colour scheme and logo similar to the card itself.

Portable readers will be available for use by, for example, authorised police officers and paramedics. The readers will be lightweight and offer instant verification by combining contact and contactless smartcard readers, a 500dpi sensor for instant biometric matching, and a high-resolution digital touch-screen display. In an emergency, paramedics will be able to wave a portable reader in proximity to the injured and access important medical details extremely quickly without losing time searching for the card.


Making a payment will involve placing the card in close proximity to an Oyster card reader; a tone from the reader will confirm that the merchant has received funds; the remaining balance of the card will be displayed on the reader. (Transaction time will be around 0.3 seconds at a transmission rate up to 212 kbit/s.) Cards can be recharged with cash at ATM machines in underground and rail stations, over-the-counter in stores such as Tesco’s, or directly through credit cards and bank accounts. People will be able to sign up to use a local bank account or credit card to top up the value on the card automatically once every 24hrs by a specified amount (for example £50). Once the cash value in the card is negative, the card will automatically be frozen for further purchases till more value is added to the card for further use.

[Figure: Passing through electronic gates fitted with card readers (image source: tfl.co.uk)]

[Figure: Touch point card reader at the top of a gate (image source: tfl.co.uk)]

Encoding and updating information

Personal details

The visible information on the card itself remains unchanged from birth, unless the person changes their name during their life (due to marriage, for example). The information is shown on the front side of the card.

Visible information on card:

• name of card holder
• card number

All the above data are also present on the card in electronic form. The file will contain all of the following information:

Publicly available information (fixed, established at birth):

• name of card holder
• national ID code
• birth date and time
• sex
• citizenship
• card number
• biometric iris image

This data is also stored in a central database and can only be viewed by authorised bodies and – at any time – by the individual themselves. All data records will be completely transparent to the individual.

Certain kinds of data will be semi-public. This data can be updated by third parties: for example, the Driver and Vehicle Licensing Agency (DVLA) could activate a driver’s licence, or an employer could allow an individual access to their building. This data can be viewed by the individual. They will be able to see, for example, a record of disqualifications, convictions and penalty payments as regards their driving history, but not be able to erase those.

Some data will be voluntary. This information will be managed by the individual alone and its disclosure will be entirely voluntary. For example, an individual can choose to disclose information about their personal health or their next of kin, so a paramedic will be able to access it in an emergency. Equally, unlocking the card’s transactional (cash card) or access-related functions (work place) will only happen at the discretion of the individual. Someone could, for example, after passing their driver’s test allow the DVLA to update their driving record, so enhancing the card’s function.

Voluntary information (flexible and managed by individual):

• medical record
• residence address
• names and contact details of relatives and friends
• driver’s licence (semi-public)
• work place details, access codes (semi-public)
• e-credit balance for electronic purchases of small payments up to £200

This data will be stored electronically in a central database. Data related to credit balance and travel tickets will be held electronically on the card rather than in the central database. Tickets purchased online or over the telephone can be "loaded" at a preselected barrier or validator. People can also add e-credit to their card via a money transfer from their current bank account. This credit then gets automatically electronically loaded onto their Oyster ID when they next tap their card against a reader, for example, at a London Underground station. People can view and manage the information held about them by logging onto the National Oyster web site. Children and young adults will be able to view their data, but will not be able to change it without their parents’ consent. For the purpose of managing data online, every citizen will be issued with a unique and lifelong email address (Firstname.secondname_0000@Oyster ID.co.uk) as well as a password. The public data file is not published anywhere online. The personal data on the card in visual and electronic format are accessible only to those persons to whom the card holder physically presents the card.

The card should contain as little private data as possible. Instead, the data should be kept in databases at relevant authorities, and a person can use the card as a key (authorization method) to access his or her data in the database.

Personal identification

We will use the iris system for biometric identification. An individual will enrol for an iris scan at any time before the age of 18. A template of the scan will be stored by the National Oyster Registry. When identification is required (for example at border control) the individual’s biometric iris image will be captured and compared against the enrolment template.

Iris scanning does not require the person to interact with a device; a video image of the eye can be taken from one foot away. The user's iris pattern is reflected back to the camera, which captures the unique pattern and stores it using less than 35 bytes of information. The process of scanning will take up to 10 seconds. Biometric systems in general have a number of benefits:

• they can discriminate between millions of people
• they are reasonably consistent over time since they change very little over the adult life of an individual
• they cannot be cosmetically altered without it being obvious
• they are fast and efficient, because optical computers are extremely fast and process data in parallel and at the speed of light

In a recent test of biometric systems (CESG Biometric Test Programme, 2001), the iris system fared best both in terms of successful enrolment and acquiring rates. The detection error trade-off between false match and false non-match rates for this system showed no false matches in over 2 million cross-comparisons. Also, the iris system would normally work in identification mode and not require PIN entry, thus reducing transaction time and increasing throughput.

Design

The design of Oyster ID will be in line with the current Oyster card. However, it will use additional graphic elements of curves in various colours to visualise the different types of data about the individual. This simple and straightforward design will help make the concept transparent to people and create a friendly, less official look and feel to the device. Information is mapped to colour as follows:

• yellow: medical record
• blue: payment, credit-related info
• red: friends and family
• green: work-related info
• purple: health and medical info

The web site interface for accessing and managing information reflects these categories visually. Colour-coded sections and an easy-to-use and appealing interface design will communicate the types of information and level of access clearly.

Encryption

Oyster ID uses encryption for all airborne communication and two-way authentication based on biometrics and public key infrastructure (PKI). Data communications to and from the card are only established when mutually authenticated security handshaking is verified, followed by the transfer of the encrypted data. "Two-way" security solutions – such as our system – require something the individual knows plus something he has: the card itself, the holder’s personal email address and a biometric. ("Single-way" authentication is the biggest concern in any security system; just knowing a credit card number and its expiration date can be enough to use a stolen credit card successfully.)

Oyster ID will contain a chip that will hold an iris scan as a biometric identifier. During account creation, the collected biometrics information will be logged into a central database which will then allow a user profile to be created. Even if an individual loses their Oyster ID, their identification can be found and verified by using their unique biometric information.

Losing the device

If an individual loses their card, their details can be found and verified by using their unique biometric information. The card can be frozen by its owner to prevent unauthorized use by logging onto the Oyster ID web site. The individual will then reapply for a new Oyster ID by producing their birth certificate and a proof of residence.

Death of the individual

When an individual dies, all data will be erased. The credit balance stored on the card will be credited back to the related bank account.

Organizational structure, card issuing and operation

The card issuing as well as its further operation is done in close public-private partnership. There are three main organizations that are associated with issuing and operating the ID card and the associated infrastructure.

UK Citizenship Board, the government organization responsible for issuing identification documents to UK citizens (and alien residents), falls under the supervision of the Home Office. They receive the card application from citizens.

Operations, maintenance and development of the system are undertaken by Oyster UK. Oyster UK maintains the electronic infrastructure necessary for issuing and using the card, and develops the associated services and software. They also take care of delivering the card to its holder.

Border traffic security and access control

Border traffic security requirements are today determined by two key factors: the global increase in crime – with illegal border crossings, false identities and forged documents or unauthorised access – as well as the need for more efficient and more economic handling of passenger flows. Special protection measures are needed to ensure that a citizen’s personal data is reliably protected from unauthorised access or reading.

Personal information encoded on the card will only be accessible by the appropriate officials – for example, during a border crossing – if personally authorised by the document holder to open and examine the document, allowing direct visual contact to be made. This fundamental form of Basic Access Control (BAC) means the (card) reader is only able to access the personal information stored in the RF chip, including the facial image of the passport holder in digital format, by reading the Machine Readable Zone (MRZ) on the card. In a matter of seconds, an access key is generated using the information derived from both media, which the reader unit must use to “identify” itself to the chip as an authorized control medium. The application of Basic Access Control is already compulsory for all EU Member States and is recognised as a reliable security standard on an international scale.

Extended access control

In order to protect the highly sensitive biometric information the Oyster ID holds, all EU Member States are required to ensure a level of access protection which far exceeds the security mechanisms of Basic Access Control. To this end, all countries in the European community have agreed on the technique of Extended Access Control (EAC).

Essentially, Extended Access Control comprises two authentication processes. Chip authentication, the first stage, is used to establish secure communication between the chip and the reader unit, while at the same time ensuring an implicit authenticity check of the stored information. The subsequent procedure, terminal authentication, ensures that only authorised reader units with precisely defined access rights are able to gain access to the biometrics stored in the chip. Whenever communication is established between the chip and the reader unit, the reader unit’s authorisation certificate is automatically checked. It is the sole responsibility of the government issuing the passport to determine whether or not a particular reader unit is able to access the data.

The introduction of Extended Access Control will supplement, rather than replace, the protection mechanisms of Basic Access Control. Only government-“authorised” reader units, such as those used in registration offices or at border control points, are able to decrypt and read a citizen’s sensitive biometric data. The supreme body in charge of allocating authorisation certificates is the UK Verifying Certification Authority (UKVCA), a national authority for the security of national ID documents. The CVCA authorises the Document Verifiers (DV) – a network of interlinked control authorities such as the customs police – to issue certificates for national passport checker and reader units.


Concept 2: ID Ring

The idea

The device will be made from durable material, initially coming in aluminium, steel or heat-enforced plastic. A more upmarket range in silver/platinum will be introduced in future. Similar to the Oyster ID, the ID Ring will use biometrics to authenticate the citizenship of its owner. ID critical information will be stored on a tiny RFID computer chip inside the device that is able to hold digital signature data to ensure the integrity of the passport and the biometric data.

After the ID Ring has been successfully introduced, the embedded technology can be licensed out to lifestyle brands. For thousands of years individuals have been expressing their individuality by means of wearing jewellery and the ID Ring will be yet another form of self-expression. Eventually, the ID Ring will come in a range of designs:

• basic range: aluminium or steel, heat enforced plastic
• upper range: silver and platinum
• premium range (branded): designs created by leading designers and artists (Dior, Adidas, Terence Conran, The Beckhams, Tracey Emin)

A familiar and warm object, it will demonstrate its wearer’s attitude to fashion and, in its style and how it’s worn, enhance their individuality. It also forms a sense of belonging to a country or cultural group.

Carrying the device

People can wear their ID Ring in multiple ways, for example on a finger, as a key ring or attached to a necklace or to their iPod or phone. It will be individually adjustable to fit various finger types and sizes.

Reading the device

ID Rings will not require physical contact with readers. Individuals will touch or wave the Ring on a distinctive touch point reader situated on top of gates, for example at London Underground stations. The embedded chip in the Ring will transmit information effortlessly, enabling faster movement through ticket gates. Touch point readers will be installed in public places and the same reading technology will be employed for private transactions in supermarkets or at ATM machines.


Encoding and updating information

The only visible information engraved on the Ring will be your name and national ID code. All other data will be present on the Ring in electronic form:

• name of Ring holder
• personal code (national ID code)
• unique email address
• birth date and time
• sex
• citizenship
• card number
• e-credit balance
• digitized facial image

This data cannot be modified unless through official approval by the National Citizen’s Registry.

For the purpose of managing data online, every citizen will be issued with a unique and lifelong email address ([email protected]). If you lose your ID Ring, its finder will be able to report the ring as found by logging onto the UK Citizenship web site. They will use your name or national ID on the ring as a reference.

Updating data follows the same method as in the design of the Oyster ID. In addition to the information stored electronically on the Ring, private data will be stored electronically in a central database. This data is managed by the individual alone and its disclosure is entirely voluntary. People can view and manage their data through the UK Citizenship web site. Children and young adults will be able to view their data, but will not be able to change it without their parents’ consent.

Voluntary information

• medical record
• residence address
• names and contact details of relatives and friends
• driver’s licence (semi-public)
• work place, access code (semi-public)
• facial image

Data related to credit balance and travel tickets will be held electronically on the ring rather than in the central database. Credit purchased online or over the telephone can then be "loaded" onto the Ring at a validation point or barrier.

Authentication

For authentication, we will use the facial biometric recognition system. An individual will enrol for a face scan or supply a high-resolution photograph from which a scan will be generated. Like iris scanning, facial feature identification systems can capture images from a distance (in this case, from several metres away) using video equipment. The process of scanning takes on average ten seconds.

A template of the scan will be stored by the National Citizen UK Registry. When identification is required (for example at border control) the individual’s biometric image will be captured and compared against the original enrolment template.

Password and PIN number methods are known to be extremely unreliable security measures. The security of someone’s identity depends on the effectiveness of the systems used to record, store and deploy that identity. It also depends on the convenience and user-friendliness of those systems. A facial biometric – the FacialPIN™ used to describe a facial appearance in digital terms – is a number so long that nobody could possibly remember it. The automatic biometric system remembers and recognises your face and so identifies you much more positively, securely and conveniently than is possible with conventional approaches.

Advantages of facial recognition:

• Facial photographs do not disclose information that the person does not already routinely disclose to the general public

• The photograph (facial image) is already socially and culturally accepted internationally

• The public are already aware of the use of photographs for identity verification purposes

• It is non-intrusive – the user does not have to touch or interact with a physical device

• It does not require new and costly enrolment procedures to be introduced

• Capture can be deployed relatively immediately and the ability to capture faces retrospectively is also available

• Faces can be captured from an endorsed photograph, not requiring the person to be physically present

• The system allows capture of children’s biometrics without the children having to be present

• For watch lists, the face (photograph) is generally the only biometric available for comparison

• It always acquires

• Human verification of the biometric against the photograph/person is relatively simple and a familiar process for border control authorities

• The European Parliament has now voted in favour of introducing biometrics and it is foreseen that this application will be implemented within the next few years.

Biometric systems and their benefits

Biometric systems in general come with a number of benefits.

• They are reliable
• They can discriminate between millions of people
• They are reasonably consistent over time since they change very little over the adult life of an individual
• They cannot be cosmetically altered without it being obvious
• They are fast and efficient, because optical computers are extremely fast and process data in parallel and at the speed of light

When accessing a building or passing through customs a person will present their facial image to an Access Control Face Reader which controls physical access to buildings and entrances. Through a proprietary Matching Engine and algorithms, this system performs subject identification and verification. When working in identification mode, the system compares the extracted biometric template of the subject’s face against all locally or network stored templates. In verification mode, the system compares the extracted biometric template against the template stored on the ring.


The reader is a real-time 3D surface scanner working in invisible near-infrared light.

[Figure: 3D facial scanner (image source: premierelect.co.uk)]

[Figure: Integrated light-immune camera allowing access to building (image source: 3g.co.uk)]

Biometric access control

Individuals will be asked to identify themselves by simply looking into a camera lens set up at the checkpoint. Their facial biometric (FacialPIN™) is used, automatically, to confirm or deny access. (The same method can be used to allow a person access to their work place.) The system will automatically update the template (stored in the central database) periodically, which means that the system will be able to handle gradual changes in appearance.

Checkpoints will be fitted with light immune cameras and will allow for automatic face recognition in any light, from bright sunshine to total darkness. Light immune cameras employ highly specialised infra-red techniques. They are able to effectively capture data at unsheltered external access points as well as inside a building.

How facial recognition works

Acquiring a sample

The first step is generic for all biometric technologies; it consists of a sensor taking an observation. In the case of 2D face recognition, the sensor is a camera and the observation is a photograph or series of photographs. This acquisition can be accomplished by digitally scanning an existing photograph or by taking a photograph of a live subject.

Extracting features

The generic second step is to extract the relevant data from the captured sample. Algorithms used for this process are mostly proprietary and will depend on the manufacturer. The outcome is a biometric template, which is a reduced set of data that represents the unique features of the enrolled user’s face. This template is stored in our database. No images of faces are stored; instead, the template consists of numeric codes that are usually encrypted and is less than 1K in size.

Comparing templates

For identification purposes, this step will be a comparison between the biometric template captured from the subject at that moment and all the biometric templates stored on a database. For verification, the biometric template created upon attempted log-in is compared to the template for that person stored in our database (one-to-one matching) or to a database of stored templates (one-to-many matching).

Declaring a match

The face recognition system will either return a match or a candidate list of potential matches. In the second case, the intervention of a human operator will be required in order to select the best fit from the candidate list.
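The comparison and match-declaration steps above, as an added example that is not part of the original coursework. Real feature extraction and matching engines are proprietary, so the templates here are short constructed vectors, and the Euclidean distance, the threshold and the margin are illustrative assumptions rather than values from any product.

```python
import math

THRESHOLD = 0.10  # assumed: largest distance still accepted as the same face
MARGIN = 0.05     # assumed: lead the best hit needs over the runner-up


def distance(a, b):
    """Euclidean distance between two numeric templates of equal length."""
    if len(a) != len(b):
        raise ValueError("templates must have the same length")
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def verify(probe, enrolled, threshold=THRESHOLD):
    """Verification mode (one-to-one): compare against one claimed identity."""
    return distance(probe, enrolled) <= threshold


def identify(probe, gallery, threshold=THRESHOLD, margin=MARGIN):
    """Identification mode (one-to-many): compare against every stored template.

    Returns (status, ids) where status is one of:
      "match"      - a single clear best hit; ids holds that one identity
      "candidates" - several hits too close to call; ids is the ranked list
                     handed to a human operator
      "no_match"   - nothing within the threshold; ids is empty
    """
    scored = sorted((distance(probe, tpl), pid) for pid, tpl in gallery.items())
    hits = [(d, pid) for d, pid in scored if d <= threshold]
    if not hits:
        return ("no_match", [])
    if len(hits) == 1 or hits[1][0] - hits[0][0] >= margin:
        return ("match", [hits[0][1]])
    return ("candidates", [pid for _, pid in hits])


# Constructed sample data: three enrolled templates, two of them very similar.
GALLERY = {
    "citizen-A": (0.10, 0.80, 0.30, 0.50),
    "citizen-B": (0.12, 0.78, 0.33, 0.52),
    "citizen-C": (0.90, 0.10, 0.70, 0.20),
}
PROBE_AMBIGUOUS = (0.11, 0.79, 0.31, 0.51)  # sits between A and B
PROBE_CLEAR = (0.88, 0.12, 0.69, 0.21)      # close to C only
PROBE_UNKNOWN = (0.50, 0.50, 0.50, 0.50)    # not enrolled

if __name__ == "__main__":
    for name, probe in (("ambiguous", PROBE_AMBIGUOUS),
                        ("clear", PROBE_CLEAR),
                        ("unknown", PROBE_UNKNOWN)):
        print(name, identify(probe, GALLERY))
    print("verify ambiguous probe as citizen-A:",
          verify(PROBE_AMBIGUOUS, GALLERY["citizen-A"]))
```

The ambiguous probe passes one-to-one verification against citizen-A yet yields only a candidate list in one-to-many mode, which is why the operator step matters more as the database grows.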


Losing the ring

If an individual loses their card, their identification can be found and verified by using their unique biometric information. The card can be frozen by its owner to prevent unauthorized use by logging onto the Oyster ID web site. The individual will reapply for a new Oyster ID by producing their birth certificate and a proof of residence.

Death of the individual

When an individual dies, all data will be erased. The credit balance stored on the card will be credited back to the related bank account.

Access control at borders

Extended Access Control through Chip authentication and Terminal authentication will provide the level of protection needed to ensure that a citizen’s personal data is reliably protected from unauthorised access or reading. (For details see page 5, Border traffic security and access control for Oyster ID) This highly complex ID security system is reliant upon the distribution and issue of government-certified access authorisations. Only government-authorised reader units, such as those used in registration offices or at border control points, are able to decrypt and read a citizen’s sensitive biometric data. It is the sole responsibility of the government issuing the ID Ring to determine whether or not a particular reader unit is able to access the data. The application of Basic Access Control is already compulsory for all EU Member States and is recognised as a reliable security standard internationally.

Various ways of wearing the ID Ring


Asking users

Questions for evaluating the two competing concepts:

1. What is your first impression? Which do you prefer? Why?

2. How do you feel about carrying around/wearing the device on a day to day basis?

3. How easy-to-use do you find handling the device when buying goods?

4. Would you be happy presenting yourself to an iris/facial scanner?

5. Would you be happy to have your iris/facial scan taken in the first place?

6. Would you be happy to access the internet to manage your information?

7. Do you have any concerns in regards to security of the device?

8. Do you have any other comments or concerns?


Final design solution

The Oyster ID was considered a very successful design solution for a nationwide transaction and ID device. The critical factor was its familiarity of concept and convenience of use. The card can be extended by further functions to allow access to stadiums or other places the individuals is a member of. The ring, while seen as the more exciting product idea, was rejected (by most men) on the basis of both its association with femininity, and its size and object character. A ring is not something many people are used to wear or carrying around. There is a danger of it getting left at home, lost, or forgotten about. Also, it makes people feel like being tagged or being branded - the lifestyle statement becomes a weakness. Ease of use

The ordinariness of Oyster ID was seen as its strength. The card is carried in a simple wallet alongside with other cards. There is no need to open the wallet when buying goods. Reading the card is instant. Handling the ring in comparison will be time consuming. The few seconds of 'where did I put the ring?' checking all the pockets makes the device less efficient to use compared to the Oyster ID. Health issue with iris readers Readers need to be tested as safe to use. An independent health and safety authority will issue a visible kite mark or EU stamp saying that that the product had been independently tested as safe to use.

Security

Oyster ID will require entering a PIN for additional protection when making cash transactions. Data storage in a central database was not considered a threat to privacy according to most interviewees. The view was that the trade-off between convenience vs. the fear of misuse will be won by people’s need for convenience. Data access via the Internet is not always reliable. Local council offices could be equipped with ordinary computer terminals inside the building which contained the databases for people to view the data held about them. The government needs to provide citizens access to the information in another, more reliable manner.


Oyster ID fact sheet

The idea

Smartcards are a familiar, convenient and universal form of everyday communication for people. The new Oyster ID is one of them. It electronically stores travel details on the card, enabling reliable and instant identification of an individual, quick access to the transport network, and secure and easy-to-handle payment for goods. Introduced in 2002 to collect fares for London’s mass transit system, the Oyster card system is already well accepted by UK citizens and growing in popularity due to its ease of use and familiarity of concept. As of January 2007 over 10 million people used the cards.

Carrying the device

In a protective wallet. Due to its standard size, Oyster ID fits into standard leather wallets alongside other types of cards such as credit cards or store cards. Alternatively, the card can be carried inside a lightweight spring-loaded belt leash or worn in a card holder attached to a necklace.

Functions

A multifunction smart card that acts as

• a biometric passport (a secure, physical identification document)
• a personal transport ticket
• a payment and bankcard for shopping and leisure

Visible on the card

• Your name
• Card number

Stored electronically on the card

• name
• personal code (national ID code)
• birth date and time
• sex
• citizenship
• card number
• biometric iris image
• digital photo of the card holder


Data records

The data above is stored in a central database and can only be viewed by authorised bodies and yourself. On a voluntary basis you can include the following data, thus enhancing the functions the card provides.

Voluntary information:

• medical record
• residence address
• names and contact details of relatives and friends
• driver's license (semi-public)
• work place details, access codes (semi-public)

Updating data

Access the central database via the UK Citizenship web site. This data is managed by the individual alone and its disclosure is entirely voluntary.

Data related to credit balance and travel tickets are held electronically on the card rather than in the central database. Credit purchased online or over the telephone is then "loaded" onto the card at validation points or barriers. Children and young adults will be able to view their data, but not be able to change data without their parents' consent.

How will Oyster ID be read?

Using public transport: Touch the card on one of the many Touch Point readers.

Travelling abroad: Touch the card onto the Touch Point reader at customs, then proceed to the iris scanner for authentication.

Paying for goods: Use the Touch Point reader at the counter, check the payment amount on the touch-screen and press ‘ok’ to confirm the purchase. Your card has to be topped up from your bank account or credit card account (max of £200) beforehand.

[Figures: card readers at gates on London Underground; iris scanner]

Authentication/verification

Through biometric iris recognition. Standing 12 to 15 inches away from the camera, you look into an iris reader for about 1.5 seconds. No physical contact is necessary.

Design

In line with the current Oyster card. The Oyster UK web site uses additional graphic elements to represent the different types of data held about the individual.


Information is mapped to colour as follows:

• yellow: medical record
• blue: payment, credit related info
• red: friends and family
• green: work related info
• purple: health and medical info

Losing the card

• Log onto the Oyster website and freeze your card
• Reapply for a new Oyster ID by producing your birth certificate and proof of residence.
• Your existing iris template and all other stored data will be encoded on a new card.

Death

• all data will be erased, the card gets deactivated and your profile frozen
• credit balance stored on the card will be credited back to the related bank account.

Issuing cards

The UK Citizenship Board, the government organization responsible for issuing identification documents to UK citizens (and alien residents), is supervised by the Home Office. It receives the card applications from citizens. Operations, maintenance and development of the system are undertaken by Oyster UK. Oyster UK maintains the electronic infrastructure necessary for issuing and using the card, and develops the associated services and software. It also takes care of delivering the card to its holder.
