The proposed imposition of identity cards tends to get people riled up. This is especially true of the people who are going to have to carry the documents in their purses and wallets. In British Columbia the provincial government has slowly, and quietly, developed an identity card termed the ‘BC Services Card’. The Services Card will effectively be a required piece of documentation for all BC residents as of about 2018; it will be used to access non-emergency medical services, as well as to-be-decided government services provided by education, citizen services, and more.
In 2012, the British Columbia Civil Liberties Association commissioned a technical report about the services card from my company, Block G Privacy and Security Consulting. The goal of our report was to contextualize the politics and technology behind the new BC Services Card and, in the process, understand prospective security- and privacy-related issues linked with the initiative. A core aspect of our report consists of a technical survey of the Services Card and its associated infrastructure. As part of our survey we evaluate possible vulnerabilities that could be exploited by a hostile third party intent on undermining, disrupting, or otherwise compromising Services Cards or the trust BC residents are expected to place in them as technically sophisticated and reliable identity tokens. Given that we lacked direct access to the cards and infrastructure, our analyses and critiques were based on limited documentary evidence, expert-level interviews, and secondary sources.
Highlights from the section of the report covering risks and vulnerabilities include:
- The importance of ensuring that government actors responsible for issuing the cards are trustworthy; failure to do so could undermine many of the government’s identity assurance processes that underlie the entire card system.
- Physical security characteristics are positive, though the inclusion of biometric facial images does not necessarily lead to the security enhancements suggested by the government.
- The near field communication (NFC) chips embedded in the cards are a point of significant vulnerability, insofar as they could be read at a distance, compromised by a malicious actor, or tampered with to intrude into the computers and mobile phones reading the chips.
- The potential for ‘function creep’, or the expanded use of the Services Card for purposes beyond the current scope of the card. This might include use of the card by private parties or the card ultimately being integrated with the federal government’s planned pan-Canadian identity card.
In light of these risks, we provide the following suggestions to ameliorate potential security dangers:
- Penetration tests should be conducted to ‘attack’ the system, in order to understand where vulnerabilities exist, how they could be exploited, and how to subsequently rectify them. Given the magnitude of the government’s proposed data linking infrastructure associated with the Services Card, this kind of analysis is critical. Testers should be given a wide permit in testing the system and not be artificially limited in what they can do to identify vulnerabilities.
- Public consultations with security experts should occur, and the consultations’ findings should be summarized and subsequently made public. These consultations should attend to how security of the cards and BC residents’ privacy can be maximized.
- Public audits should be routinely conducted on the systems and infrastructure surrounding the BC Services Card. This should include auditing private vendors who are contracted to provide service.
Our report is available for public download.
Over the next 48-72 hours I’ll be doing some (extensive) work on my site. I’m simultaneously trying to renovate some features, dispose of others, and generally repair some long-standing problems on the backend. This site – and the database behind it – started as an experiment many years ago and I made a large number of fairly boneheaded mistakes over the years that I’ve tried (I think successfully) to cover up with bandages and duct tape during the last 3 years. It’s time, however, to amputate these festering areas and rebuild them.
I’ve begun fixing up some of the problems over the past month, including migrating to a better hosting company that has located my data in Canada. Uptime has been more reliable and access speeds have generally improved, but more needs to be done. By the end of the weekend I hope to have performed the work needed to correct the bits and pieces of the site that are becoming increasingly problematic to deal with.
One of the more significant changes will be that the “/blog” in my URL will largely be removed. I’ll be trying to remedy internal links over the coming while, to limit internal breaks, but this might mean that some inbound links are broken. Significantly, those who use RSS readers to read what is written will likely need to adjust their feed. By the end of the weekend, the feed should have moved to: https://christopher-parsons.com/?feed=rss2
I’ll post an update, to this post, once the transition is complete. See you on the other side!
The move has concluded. In addition to considerable visual modifications I’ve also remedied some rotten links and tried to improve page response speed. URL structure has changed, though old links should successfully redirect to the new link structure. Text should remain easy to read (ideally as good as, if not better than, before) and I’ve presently adopted a ‘reading-for-mobile’ theme. The analytics engine that I use is, at present, Piwik, which stores data on my server instead of providing it to a third party. The privacy notice has been updated as a result.
As noted in the earlier note, the RSS feed has moved to: https://christopher-parsons.com/?feed=rss2