« S1(7) Validation information | Main | S1(9) Access records »
May 23, 2004
S1(8) Security information
Security information
8 The following may be recorded in the entry in the Register for an
individual.
(a) a personal identification number to be used for facilitating the
making of applications for, and the disclosure of, information
recorded in his entry;
(b) a password or other code to be used for that purpose; and
(c) questions and answers to be used for identifying a person seeking to
make such an application or to apply for or to make a modification
of that entry.
Posted by wtwu at May 23, 2004 11:53 PM
Trackback Pings
TrackBack URL for this entry:
http://www.spy.org.uk/cgi-bin/mt3121/mt-tb.cgi/165
Comments
NO!!
What is the point of having a Biometric based ID Card if there is also going to be a "traditional" and therefore easily forged Personal Identity Number, password and challenge/response questions ?
Unlike Biometrics, these authentication methods could be used over the phone or via an internet web form, but then there is no assurance about the "Identity" of the person or computer program which is supplying the PIN or Password or Challenge/Response questions/answers.
What is the point of relying on Biometrics if you provide a weaker backdoor mechanism which can be used to get around the strong Biometric authentication ?
Posted by: wtwu at May 24, 2004 04:09 AM