Gemalto VP Testifies on Privacy and Security of Government IDs
Gemalto's vice president of business development and government affairs, Neville Pattinson, testified before the U.S. House Government Oversight Subcommittee on Government Management, urging the Department of Homeland Security (DHS) and congress to make privacy and data security the highest priorities in identification programs such as REAL ID and the WHTI card. Pattinson also sought to explain to lawmakers the differences between insecure RFID tags and secure, microprocessor based and RF-enabled contactless smart card technology. The electronic passport and FIPS 201 Personal Identity Verification federal employee ID programs, two successful programs Pattinson held up as shining examples of getting it right, already use contactless smart card technology.
"The U.S. momentum to add digital security to government IDs and documents is fantastic, but to achieve their policy objectives lawmakers should select the most secure and proven technology," said Pattinson.
At issue is how well the RFID technology being considered for enhanced driver's licenses, REAL ID and the WHTI PASS card initiatives provides security and protects privacy for citizens.
"The digital security technology in an identity document or credential must be able to prove authenticity, protect its information and secure any communication. Secure contactless document technology meets these requirements, using an onboard computer and software to authenticate the credential, challenge other devices before providing information and encrypt any communication. RFID tags do not have any of these capabilities; they just do not compare to secure contactless personal devices," he said.
One strategy Pattinson proposed to lawmakers is to charter the U.S. National Institute of Standards and Technology (NIST) to develop standards for government issued identity cards. "NIST did an excellent job creating secure and privacy sensitive standards for the ID card that all federal employees are now getting, the PIV card. They can do an equally good job for us citizens. They understand the technologies and the issues, and would help to ensure these programs move in the right direction," said Pattinson.
Pattinson sits on the board of the Smart Card Alliance, chairs its Identity Council and was honored with an Outstanding Individual Award for his contributions to the industry last year. He is presently serving a three-year appointment as a special government employee to the Department of Homeland Security's "Data Privacy and Integrity Advisory Committee."
Pattinson testified to congress on behalf of the Secure ID Coalition, an industry association of which Gemalto is a founding member.