Subscribe by Email

Your email:

Browse By Date

Biometric Security and Control Blog

Current Articles | RSS Feed RSS Feed


  I call your attention to a press release issued today that states "Cardlab Solves Privacy Fears with its 'Scan and Match on Card' Biometric ID Card" which is found below.  Such "solution" to the Real Enforcement with Practical Answers for Immigration Reform (REPAIR) Proposal  under consideration currently would do nothing more than vastly increase the exposure to and probability of establishing a new points of penetration of U. S. national security.  The CardLab announcement is cleverly worded in that it states "solves privacy fears" but not privacy issues with a card that is "resistant" to a number of vulnerabilities but not fully protected from them or able to produce evidence of any tampering or improper use.


Below follows a clear analysis of all the elements of the REPAIR proposal and how this dangerous "solution" fails to provide the needed security to truly solve the privacy and national security issues being addressed.  It seems likely that a solution employing cards with biometric data is nothing more than a transparent attempt to cram down card use by members of the card industry without regard for true security, hardware independence, or extensibility of the credentials for use in other identity-sensitive applications.



COPENHAGEN, May 12 /PRNewswire-Asia/ -- CardLab (Denmark), the world's leading powered card technology developer, announced today that their Powered Biometric ID Card exceeds the technical challenges and demands in the new proposed US National Immigration ID Card.

Several senators, including Senate Majority Leader Harry Reid and Intelligence Committee Chairwoman Dianne Feinstein, announced the crucial need for improved identification of immigrants, and the use of biometrics. The bill's summary read: "These cards will be fraud-resistant, tamper-resistant, wear-resistant, and machine-readable social security cards containing a photograph and an electronically coded micro-processing chip which possesses a unique biometric identifier for the authorized card-bearer."

"The CardLab Biometric ID Card exceeds the technical and political challenges in this bill," said Torsten Nordentoft, CTO of CardLab. "One of the many truly unique aspects of our card is the 'match on card' capability which eliminates external storage and possible theft of personal information -- in other words, all private information will remain on the card and in the pocket of the individual."

The self-powered CardLab Biometric ID Card is designed to contain all functionalities "on-board", from encrypted personal data, finger print recognition scanner, to communication via our patented Dynamic Magnetic Stripe, EMV chip and RFID. The "all on board" card ensures that no further investments in external card readers are required, and the true ISO 7810 credit card format paves the way for an instant mass deployment while keeping cost per user low.

CardLab is currently negotiating with partners in the US and several other countries for the customization of Biometric Citizen Cards and other high security variants of multi-functional identification and access cards.

About CardLab:

Founded in Denmark in 2004, CardLab is a technology and solution provider to the smart card industry, ranging from OEM sale of individual technologies, to development of customized solutions. CardLab holds several patents in the smart card field.

CardLab is dedicated to enabling card manufacturers, card issuers and their customers to take optimal advantage of the technological developments in miniaturized low power electronics for on-board integration in ISO 7810 cards.

Log on to for more information

SOURCE CardLab ApS, Denmark



The typical underlying problems with cards in a wide deployment of this magnitude will do nothing to eliminate the problems associated with lost/stolen/unavailable and fraudulent cards. The stakes will increase substantially as sensitive personal data stored on the cards will make them valuable targets to hackers and those looking to black-market them. We feel that such card systems primarily benefit the card vendors and do not provide adequate security or efficient use of capital resources, as per the Real Enforcement with Practical Answers for Immigration Reform (REPAIR) Proposal, which states its primary objectives are:

  • 1. Achieve Operational Control of America's Borders to Prevent Future Illegal Immigration
  • 2. Secure the Border First Before any Action can be Taken to Adjust the Status of People in the United States Illegally
  • 3. Further Fortify America's Border Enforcement Capability
  • 4. Detection, Apprehension, and Removal of Unlawfully Present Persons in the United States
  • 5. Ending Illegal Employment through Biometric Employment Verification
  • 6. Employers hiring workers in the future will be required to use the newly created Biometric Enrollment, Locally-stored Information, and Electronic Verification of Employment (BELIEVE) System as a means of verification.
  • 7. Reforming America's Legal Immigration System to Maximize American Economic Prosperity (for both Highly Skilled and Lower Skilled Workers.
  • 8. Promoting Family Reunification
  • 9. Mandatory registration, acceptance of responsibility, and administration 9of punishment for unauthorized aliens presently in the United States.
  • 10. Encourage maximum participation in the legalization program.
  • 11. Enhance law enforcement capabilities and protect U.S. national security.
  • 12. Reforms designed to enhance efficiency and effectiveness in America's immigration system.

Comment:  A secure biometric system such as TEAMS from Triad Biometrics could meet and exceed all such requirements without the need for cards, yet the additional requirements of the REPAIR Proposal clearly show an unjustified bias towards the use of cards:

  • 13. Not later than 18 months after the date of enactment of this proposal, the Social Security Administration will begin issuing biometric social security cards. These cards will be fraud-resistant, tamper-resistant, wear resistant, and machine-readable social security cards containing a photograph and an electronically coded micro-processing chip which possesses a unique biometric identifier for the authorized card-bearer.
  • 14. The card will also possess the following characteristics: (1) biometric identifiers, in the form of templates, that definitively tie the individual user to the identity credential; (2) electronic authentication capability; (3) ability to verify the individual locally without requiring every employer to access a biometric database; (4) offline verification capability (eliminating the need for 24-hour, 7-days-per-week online databases); (5) security features that protect the information stored on the card; (6) privacy protections that allow the user to control who is able to access the data on the card; (7) compliance with authentication and biometric standards recognized by domestic and international standards organizations.

Comment: The requirement to access a biometric database is the best way to secure the credentials and to prevent fraud. There will need to be a central database to keep track of each card serial number in any case. Adding secure biometric information to that adds far less overhead than issuing cards with sensitive data that will eventually be hacked, cracked, and resold on the black market.

  • 15. The new biometric social security card shall enable the following outcomes: (1) permit the individual cardholder to control who can access their information; (2) allow electronic authentication of the credential to determine work authorization; and (3) possession of scalability of authentication capability depending on the requirement of the application.
  • 16. Possession of a fraud-proof social security card will only serve as evidence of lawful work-authorization but will in no way be permitted to serve-or shall be required to be shown-as proof of citizenship or lawful immigration status. It will be unlawful for any person, corporation; organization local, state, or federal law enforcement officer; local or state government; or any other entity to require or even ask an individual cardholder to produce their social security card for any purpose other than electronic verification of employment eligibility and verification of identity for Social Security Administration purposes.

Comment: The above objectives can be achieved without the use and expense of cards.

  • 17. No personal information will be stored on the electronic chip contained within the social security card other than the individual's name, date of birth, social security number, and unique biometric identifier.

Comment: The personal information stored on the card as described in No. 17 above is foundational information for committing identity fraud which will encourage illegal cloning of cards. Fraudsters will know this information is there and will create a black market for cards that were either reported lost/stolen and reissued, or they will simply make duplicate clones and re-enroll fingerprints and/or bypass the fingerprint matching requirement as they wish in order to control or reassign the cards. This is a recipe for disaster in terms of security and may well create higher levels of identity fraud than exist in the current system.

  • 18. Under no circumstances will any other information, including medical information or position-tracking information, be contained within the card.
  • 19. The Secretary of Homeland Security shall work with other agencies to secure enrollment locations at sites operated by the federal government.
  • 20. Prior to issuing an individual a new fraud-proof social security card, the Social Security Administration will be required to verify the individual's identity and employment eligibility by asking for production of acceptable documents to be provided by the individual as proof of identity and employment eligibility.
  • 21. The Secretary of Homeland Security will work with the Commissioner of the Social Security Administration to verify non-citizens' employment authorization.
  • 22. SSA will also be required to engage in background screening verification techniques currently used by private corporations that use publicly available information that can be derived from the individual's social security number. An administrative adjudication process can be invoked in the event that an individual is unable to establish his or her identity or lawful immigration status. Adverse decisions can be reviewed in the federal courts.

Comment: The above actions in number 22 would also satisfy the enrollment support requirements for Triad's cardless biometric solution, so these provisions are readily transferrable.

  • 23. There will be a multi-stage process of re-verification if an individual claims he lost his previously issued fraud-proof social security card to ensure that there is no identity-theft or unlawful collaboration of identity.
  • 24. There will also be a multi-stage process for resolution of proper identity if an individual claims an identity tied to a social security number that has been claimed by another individual.

Comment:  With respect to number 23, we have demonstrated that such cards are anything but "fraud-proof".  Re-verification and the process for identity resolution would be eliminated by use of Triad's cardless biometric solution.

  • 25. Tough penalties will be put in place for fraud in procurement of a fraud-proof social security card. The same penalties shall apply for conspiracy to commit fraud if false information is intentionally provided.

Comment:  We are gravely concerned that the REPAIR Proposal was written without regard to the true security risk inherent of such systems and primarily benefits the card suppliers. The proposal does not factor the aforementioned risks of hacking/cracking/cloning/social engineering and other factors that will promote an illegal black market for such cards.  Black market cards will be sold to illegals. Low-paid workers will be enticed to "sell" their legitimate cards to black marketeers and then report these cards lost and request replacements. This would create a supply of the physical cards that could be re-programmed and used by others illegally, while increasing the demand and expense for card replacement. There is no stipulation in the REPAIR proposal for hardware independence or interoperability by different vendors, nor is there a security review requirement by an independent third-party which would factor and evaluate these risks. Additionally, there should be recognition of the value for extensibility and its beneficial economic effects for use with other applications which may include other types of physical access, logical access, and background checking.




All Posts