<http://www.theregister.co.uk/2004/11/24/fingerprint_fights_id_theft/print.html>
The Register Biting the hand that feeds IT Original URL: http://www.theregister.co.uk/2004/11/24/fingerprint_fights_id_theft/ DIY fingerprint idea thwarts ID thieves By John Leyden (john.leyden at theregister.co.uk) Published Wednesday 24th November 2004 07:59 GMT The Home Office is touting ID cards as a solution to ID theft in today's Queen's Speech (http://news.bbc.co.uk/1/hi/uk_politics/4034543.stm) but a Yorkshire man has taken matters into his own hands. Jamie Jameson, a civil servant from Scarborough in North Yorkshire, insists that credit can only be extended in his name on production of a thumbprint. Jameson hit on the idea of writing to the UK's three main credit reference agencies - Equifax, Experian and Call Credit - and requesting that they put a 'Notice of Correction' on his file stating that a print must be offered with applications for loans or credit cards issued in his name. At the same time he submitted his fingerprint. This Notice of Correction of the first thing a prospective lender will see when it calls up his records. Normally this facility provides a way for individuals to explain why they have a county court judgement against their name or other qualifications to their credit history. Jameson is using it to do a cheap security check. Although uncommon in the UK, thumbprints are often used as an audit mechanism for people cashing cheques in US banks. A similar scheme was trialled (http://www.south-wales.police.uk/fe_news_w/news_details.asp?newsid=169) in Wales. Jameson takes a little ink pad similar to that used in US banks around with him all the time just in case he might need it. If an application for credit is accepted without a thumbprint - against Jameson's express instructions - then he will not be liable for losses. If a would-be fraudster gives a false print on an application then it makes it easier for them to be traced by the police. "Lenders don't have to match prints. Using prints just establishes an audit trail if anything goes wrong," Jameson explained. "It's not so much me proving who I am as preventing someone else being me." Jameson has been using the idea successfully for over a year. He concedes that the scheme isn't foolproof and that it's possible to fake (http://www.theregister.co.uk/2002/05/16/gummi_bears_defeat_fingerprint_sensors/) fingerprints ("nothing's perfect," as he puts it). As far as Jameson knows he's the only person who's using the technique in the UK. The scheme delays the issuing of credit, which could be a problem with people who apply for multiple accounts but this is a minor inconvenience for Jameson. "This is driven by the individual so there are no data protection issues. It's a real deterrent to ID theft," he told El Reg. ® -- ----------------- R. A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
