The Home Office’s national identity cards programme has come in for considerable criticism since it was first proposed as a benefits entitlement scheme in 2002.

Quite apart from the civil liberties issues, questions about both the technology and the ability of the government to successfully deliver IT-enabled projects have not been answered satisfactorily.

Many countries have ID cards, but the UK scheme, based on the creation of a central identity register holding personal data and 13 biometrics (face, two irises, 10 fingers) for the entire adult population, has no precedent.

The plan has come under fire for its lack of clear purpose, non-existent benefits for card holders, and technical inconsistencies.

At a journalists’ briefing at the Home Office (HO) last week, the government sought to answer some of these criticisms.

An overwhelming lesson from past public sector IT disasters is not to announce when the system will go live before talking to suppliers about how it can be delivered. The plan to introduce the first cards by 2008 was announced in 2003, at a time when the enabling legislation was expected to be passed before last May’s General Election so the procurement could start in June.

But the bill was held over because of the election, and will now not be passed before the end of the year.

Katherine Courtney, director of the HO ID cards programme, says things are still on track, despite the delay.

‘We had contingency built into the timetable and the legislative delays gave us additional time to work through the specification and continue to research the industry view,’ she said.

‘As long as the bill receives Royal Assent some time early in the new year we will begin registering identities as planned towards the end of 2008.’

Both Courtney and head of egovernment Ian Watmore are keen to stress that past experiences have not been wasted.

‘We are embedding best practice from the beginning – avoiding a big bang, single-day implementation and spreading it over a long period so lessons can be learned along the way,’ said Watmore.

‘So we will be able to change direction at a practical level if we hit snags along the way.

‘We are also making sure the HO team is joined up with the rest of the public sector,’ he said.

The scheme will use the infrastructure being put in place to handle face-to-face interviews for passport registration. From 2008 the Passport Service’s front office network will offer full biometric ID card registration for the first few hundred thousand early adopters.

The gradual introduction of the scheme is crucial to its success, says Watmore.

Since its inception the scheme has been decried as a solution looking for a problem. At first the government said it was to help beat terrorism, then fraud, then terrorism again. And there was little focus on the real benefits to the citizen, an important point in relation to overcoming civil liberties concerns, as well as the more practical question of keeping the information on the central database up to date.

The Home Office has been working hard to develop potential uses of the card, to give citizens sufficient incentive to keep their data accurate.

When the first cards are issued in 2008 there will be few so-called ‘verification services’.

It will function as a valid travel document within the EU and speed up Criminal Records Bureau checks (Computing, 15 September), but most additional services will not be in place before 2010.

‘Verification services are something we expect to build up incrementally,’ said Courtney.

‘Over the initial period, when few people are registered, we will be piloting some services with closed user group trials.’

A private sector user group convened by the HO is also looking at potential uses in the commercial sector.

Some of these will help the companies themselves, such as speeding up hiring procedures or acting as door passes. Others will be good for cardholders – minimising the documentation needed to make large-scale withdrawals from bank accounts, or guaranteeing identity for online purchasing.

To avoid a spiralling of identification requirements the government is developing an accreditation scheme so that companies wanting to make use of the card must justify the level of verification they require – from PIN authentication to full biometric check.

‘We are building safeguards into the scheme so we are not finding people checking biometrics for frivolous reasons,’ said Courtney.

The government is also working with banking industry body Apacs to ensure the next generation of chip-and-PIN credit card readers can provide PIN-authentication of ID cards. Once established, the same infrastructure used to take a credit card payment can be used to identify the customer for a high-risk transaction such as car hire.

One of the biggest technical challenges is the reliability of biometric technology. Courtney acknowledges that biometrics do not perform perfectly, but says the scheme does not suffer.

‘There are quite a few things in our testing strategy between now and 2008, and one of the big challenges is around the scalability of biometrics because the performance statistics are variable,’ said Courtney.

‘But there is quite a lot of security even without the biometric: the card itself will be secure and difficult to forge, as well as being PIN-protected and associated with a public key infrastructure for online purposes.