Toby Stevens writes on the Computer Weekly web site:
One of the biggest flaws in the National ID Scheme’s architecture is its failure to support peer-to-peer authentication in any meaningful way. The government has promoted it as a way to interact with government, UK border controls, proof of age scenarios, and… that’s about it really. However, this is a classic case of designing a system around the needs of a minority user group: those who lack other trusted credentials, or often come into contact with the authorities. It’s an approach that disregards the needs of everyone else.
Like most people with a ‘conventional’ lifestyle (i.e. someone who is not regularly in contact with police, UKBA or social services) I rarely need to prove who I am. My wallet contains two credit cards and a debit card, a few bits of plastic for club memberships (IoD, British Cycling, Britannia Rescue etc) and that’s about it. On a couple of occasions each year I have to dig out my passport from its safe storage in order to a) travel or b) prove who I am for a new financial services product (e.g. moving mortgage provider or changing mobile phone company). Those occasions aren’t an inconvenience for me, since I know when they’re going to happen, and otherwise my passport lives safely locked away.
In this context, a National ID Card – as envisaged by the government – is a complete waste of money for me. It adds no value over a passport, which I’ll still have to own for travel purposes. Furthermore, because the Identity & Passport Service has designed the scheme entirely around government needs, it has been rendered useless for anyone else. Only an organisation with a card reader connected to the National Identity Register can obtain a ‘trusted’ authentication, and that authentication is a one-way process – there’s no mechanism for the card holder to confirm they’re really dealing with an authorised official. In fact the card can’t even support Chip and PIN functionality, so it’s less trustworthy than the average credit card.