Biometric ID cards provide an added, though flawed, layer of security, at a terrible potential cost, according to an American expert.

George Tillmann, former chief information officer of Booz Allen Hamilton, a multinational strategy and technology consulting firm, said biometrics did not rely on something you had, such as a credit card, or something you knew (a PIN), but something you were (your fingerprints or retinas).

These unique biological identifiers are electronically read and converted to a string of ones and zeros and sent to an authenticator to be compared with the string of numbers on file in the database. And there lies the weakness, according to Mr Tillmann.

"The risk of database theft remains unchanged - if a credit card number can be stolen, then the sequence of numbers that make up a fingerprint can be stolen just as easily," he told The Sunday Times.

The debate on the need for greater security measures controlling the issue of identity cards was sparked by a recent case of identity theft, but promises that the electronic versions will be safer have not quelled criticism.

After a woman stole somebody else's identity and got a replacement ID card under somebody else's name, the Telecommunications Ministry said last week biometric ID cards would provide greater security because they would contain more information on their owners, including fingerprints.

But since the problem was caused by internal oversight, people commenting on timesofmalta.com questioned whether the biometric cards would in fact put them at greater risk.

The ministry had said the new cards would store personal information on a chip, enabling an electronic verification of identity.

"The chip is not intended to store one's life history but will provide a key to the bearer with which he may provide information to third parties," the ministry said, adding the influx of technology in daily commercial activities had increased the need for secure identification.

But innovative technological solutions for personal transactions, like credit cards, have been plagued by security breaches. So, will ID cards be subject to the same risks?

Mr Tillmann believes biometrics are as subject to abuse, misuse and theft as any other measure, with one frightening exception:

"If your credit card is stolen or lost, a new card can be issued. If your PIN becomes compromised, the bank can give you a new one. But what do you do if someone steals your fingerprints?"

The possibility of unauthorised access to government databases cannot be ruled out. In September 2008, government systems at MITTS were hacked and 20,000 passwords, including those of ministers, were stolen.

A similar data breach, though one involving citizens' personal information, would carry severe repercussions.

Since the chip on electronic cards can store any amount of information on an individual, from health records to financial statements, citizens are asking the government to clarify the exact information e-ID cards would contain.

Ramon Casha from Qormi said: "I think it's about time the government tells us exactly what is going to be stored and whether citizens will have the option not to have sensitive information on the card. I am not happy having health or banking information on a card I have to produce at 100 different entities."

Franco Buttigieg, of Sliema, also expressed concern: "Now, instead of the possibility of an ID card being issued to the wrong person, we will face the greater risk of our personal information and fingerprints being available to those who have access to the database and it could be used for the wrong reasons."

Gozitan Edward Bartolo said citizens had a right to know what would be recorded on these cards, while Roderick Micallef, of Attard, asked why no consultation had taken place.

Plans to introduce ID cards have met with protest in the US, Canada, New Zealand, Australia and other European countries. Opposition to the cards in the UK scaled back plans for their introduction, even though the EU has laid down regulations for biometrics in travel documents issued by member states.

Individual security was not the reason for the EU's standardisation of data, it was improved border control. It is, in fact, a global phenomenon - according to current plans, more than 85 per cent of the world's population will have a biometric document by 2012.

The ministry said electronic ID cards will be issued at the end of the year, and "the change process was going according to plan". In 2007, the ministry had told The Sunday Times they would be introduced early the following year. More than two years after that deadline, citizens still do not fully understand the implications of biometric ID cards.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.