The controversial digital ID plan has left many ready to reach for a Nokia brick phone over cybersecurity concerns. But what are the real risks with it?
With the dawn of the digital IDs, the UK is on the brink of catching up with the rest of Europe or spiralling into a dystopian future – depending on who you ask.
Campaigners have raised the alarm over privacy and cybersecurity risks, while some people have vowed to go back to Nokia 3310s
Meanwhile, supporters have said most of our lives and sensitive information are already online, and we use facial recognition and fingerprints to use contactless payments and verification.
Sign up for all of the latest stories
Start your day informed with Metro’s News Updates newsletter or get Breaking News alerts the moment it happens.
Manos Panaousis, a professor of cybersecurity at the University of Greenwich, told Metro that there is ‘no need to panic’ about the security implications, although the system comes with its ‘vulnerabilities.’
He said: ‘The attacks can target the back end of the infrastructure, which would obviously create big issues.
‘Or they could look at simpler attacks and steps to target the user directly.’
One risk could be identity fraud, which is already a risk ‘with any kind of a card, so it should not come as a surprise.’
A sophisticated and well-funded criminal entity could try to exploit the system with tactics like ‘deep-fake biometrics spoofing,’ which is ‘very technical, but doable.’
When asked if hackers were already scheming for a potential attack targeting the digital ID, prof Panaousis said ‘they are always plotting something.’
He said he would worry more about the ‘backend infrastructure, because all this is using AI and machine learning, and there are a lot of attacks now on the algorithms.’
He continued: ‘If a whole database is attacked by organized crime abroad or terrorists, then it has a huge impact, comparable to losing a database of passwords.
‘So it is about setting it up properly and not being stingy with the security in the first place.
‘And secondly, the users need to be educated about the identity card. People must understand that there are risks associated with certain attacks.’
Prof Panaousis said criminals could try to utilize a window of opportunity when the system is set up and may have ‘some vulnerabilities that are exploited.’
‘Whatever they do, they need to think of cybersecurity by design very, very carefully. It is not a completely brand-new technology, so it is not rocket science to do it properly.’
The digital ID faces fierce backlash.A petition urging Keir Starmer to scrap it reached more than 1 million signatures within hours after the Prime Minister’s announcement this morning.
But if the digital ID takes off despite the opposition, it could become part of our everyday lives, and there are ways to stay on top of risks.
Prof Panaousis said the ‘most effective mitigation is to build awareness and resilience among citizens themselves – educating people to be cautious about how they share data, how they click on links and how they handle digital interactions.’
The government argued that the new digital ID will offer ‘significant benefits for reducing identity theft and preserving privacy, with security at its core.’
It will have safeguards to limit personal details being shared unnecessarily, and use ‘state-of-the-art encryption and user authentication to ensure data is held and accessed securely.’
If a phone is lost or stolen, the digital ID credentials can be ‘immediately revoked and reissued, providing better security than traditional physical documents,’ the government said.
Get in touch with our news team by emailing us at webnews@usnewsrank.com.
For more stories like this, check our news page.
Discover more from USNewsRank
Subscribe to get the latest posts sent to your email.