Hello SM,
Thank your for the feedback on the article.
On 2015-09-20 22:44, S Moonesamy wrote:
>
> I don't know whether the address is stored on the National identity
> Card. A person who has an identity card has to notify the Civil
> Status Office within 28 days of a change of residence. I guess that
> someone might find this useful as it should be possible to ensure that
> people do not use a "fake" [1] addresses.
>
The name, date of birth and identity number of the person (i.e info
which are already visible on the surface of the card) are not encrypted.
The address and fingerprint minutiae are encrypted.
>
> Your explanations says that the reader contains a "decryption key".
> It does not make sense to have a "decryption key" stored on each
> reader. You would be creating a security problem instead of solving
> one if you do that. :-)
>
The card readers should come equipped with a Security Access Module [1]
which is a sim-like chip that contains the decryption key. Without this
key the address and fingerprint minutiae can't be read. You might recall
that during MNIC marketing campaigns the National Identity Card was
projected as replacing any "proof of address" document. That was because
the card would contain the address of the person which should be
readable by banks, insurance, etc (well, frankly I do not know who else
can will be allowed to read the cards).
[1]
https://en.wikipedia.org/wiki/Secure_access_module
Regards,
--
Ish Sookun
Received on Mon Sep 21 2015 - 09:16:28 PST