[Reader-list] News Items posted on the net on Multipurpose National Identity Cards-22

[Taha Mehmood]

*http://www.atimes.com/atimes/South_Asia/FJ02Df03.html

South Asia
2 October, 2004

Smart cards make inroads into Asia*
By Raja M

MUMBAI - As governments in a violence-ripped world build techno-fortresses,
computer chip-driven bits of plastic flap as wonder cards driving the next
sunrise industry. Smart cards usually have multi-purpose lives, from being
national ID cards to tools for buying bus tickets or paying the petrol pump
bill. But, as privacy activists warn, smart cards could also be gilt-coated
Trojan Horses for snooping governments, terrorists and crooks.

Essentially, computer chip-embedded plastic cards that store and transact
data, smart cards are expected to be a US$6.8 billion global business this
year. Unit shipments were over 2 billion cards in 2003, according to
Jafizwaty Ishahak, industry analyst for smart cards and auto ID with
consultants Frost & Sullivan. She told Asia Times Online that the
Asia-Pacific region alone accounts for about 34% of the volume.

With Malaysia's MyKad, Hong Kong's Smart Identity Card System (SMARTICS),
Taiwan's Health Card, the Indian government's plan to have a multi-purpose
national ID card and South Korea aiming for public official ID cards by
2005, companies such as Sony, Infineon and Hitachi are smacking their lips.
Says Ishahak: "India along with the rest of South Asia is an active emerging
market that shows lots of promise for growth."

Experts estimate the Indian smart card industry, growing at 45% annually,
will reach $6 billion by 2010. In the next five years, the Indian smart card
population is expected to increase eight-fold. Such happy times for smart
card makers are feeding the growing banking and retailing industry, the
cellular phone boom in India - estimated to be exploding at over 70%
annually (smart cards are used in SIM cards of GSM mobile phones) - and big
projects such as national ID card schemes. "Thailand, the Philippines,
Indonesia, Vietnam, India and China are at the planning or pilot stage of
launching a national smart ID card scheme," says Ishahak.

Hong Kong's SMARTICS, which won a Gold Award in the 6th Hong Kong Computer
Society IT Excellence Awards, represents a successful smart card use. With a
photograph, identity details and fingerprint biometrics of each card owner,
SMARTICS contains an electronic certificate for encrypted e-transactions. In
a Hong Kong government press release, director of immigration Lai Tung-kwok
said: "ID cards with multi-application is not only an identification
document but lays a solid foundation for e-applications and e-commerce."

While India plans its multi-purpose national ID card scheme, provincial
governments have already launched smart card projects for driving licenses,
vehicle registration, social security, health and other uses. Later this
year, Brihanmumbai Electricity Supply and Transport (BEST) is scheduled to
launch an automatic fare collection in Mumbai buses through smart card
technology. BEST, besides being the major electricity supplier in Mumbai,
holds the monopoly for public bus services in the city.

"We plan to first issue smart card machines in 57 buses," A S Tamboli, chief
spokesperson for BEST, told Asia Times Online. "With bus conductors carrying
smart card reading machines, the scheme will help reduce cumbersome ticket
transactions." BEST plans to use the smart card facility in 394 of its
3,380-strong bus fleet in the first phase. The smart card won't cost BEST
anything, says Tamboli, with the card company planning to use it as a
multi-purpose utility including credit/debit card facilities. Mid-September,
the Delhi transport department will be using smart optical cards for new
vehicle registrations, with add-ons such as vehicle history storage, log,
tax, insurance, accidents and other requirements under the Motor Vehicle
Act.

Fortunately for smart card merchants in India, privacy is yet to be a big
talking point, unlike in the West, where the presence of biometric
identifiers such as fingerprints, iris (eye) scans, or facial recognition
systems in ID cards has sparked off a debate that lurches between security
and privacy. The Electronic Frontier Foundation dismissed national ID
schemes as a "solution in search of a problem". According to the EEF, it
opposes the national ID scheme in the United States because there is "no
compelling case for its utility or effectiveness as a crime-fighting tool
because of the costs (dollars, privacy, and liberty) involved and its high
potential for abuse by entities in both public and private sectors".

Privacy International, the London-based human-rights group formed in 1990 as
a watchdog on surveillance and privacy invasions by governments and
corporations, says America's Patriot Act indirectly squeezes countries into
the US security program. The Enhanced Border Security and Visa Entry Reform
Act, 2002 entails countries to have machine-readable, tamper-resistant
passports to qualify for the visa waiver program.

The Indian government took a major step toward spreading smart card use by a
standardized operating system called SCOSTA (Smart Card Operating System for
Transport Application) developed by the Indian Institute of Technology,
Kanpur, as the standard operating system for driving licenses and other
transport-related projects. A Frost & Sullivan report in 2003 listed the
bigger bottlenecks for the Indian smart card market: "Low purchasing power,
low technology awareness and cultural shifts, delay in approval standards,
other cheaper competing technologies and poor allied infrastructure such as
telecom, ATMs and card readers, etc."

According to an industry professional, smart cards in India are estimated to
cost around $2 to $4 a person. But the system to enable use of smart cards
could cost a business establishment around $1,000. Worse costs could lurk.
Privacy International warns that no smart card technology is secure enough
to escape fakes issued by terrorist and criminal gangs. Besides, there could
be inevitable goof-ups. In 2002, personal data was leaked from Japan's new
nationwide identification system only two days after the controversial
program was launched. Personal information of over 2,500 people was sent to
the wrong people, the Osaka regional government admitted shamefacedly.

The system already faced widespread protests and opposition even before the
blunder, with fears of individual privacy violation and abuse. Months
earlier, the Japanese Defense Agency was found to have been secretly
compiling private information on people who had requested documents under
the country's Freedom of Information Act.

Security worries can be contained, says a leading semi-conductor company.
"The authentication can happen on the card itself so that personal data do
not have to leave the card," Reiner Schnrock, a senior director at the
Munich-based Infineon Technologies AG, told Asia Times Online. "Through the
use of smart cards, personal data can be stored decentrally on the card."

A better way ahead to avoid such abuse, believe some experts, would be to
develop smart cards more as e-commerce and e-governance tools to access
government services rather than as the more controversial national ID cards.
However, in cash-strapped Indian states, money, more than privacy and
security, seems a bigger issue with the whole deal.

*Raja M is an independent writer based in Mumbai, India. *