Security, Privacy, and the BC Services Card

In the past month, my colleague Christopher Parsons (@caparsons) and I have been researching the technical attributes of the BC Services Cards. Recently, I guested on Christopher’s excellent blog, Technology, Thoughts, and Trinkets, with a post about the security vulnerabilities (and associated privacy concerns) surrounding the use of NFC ‘smart’ chips in the proposed BC Services Card (see: Smart Chip, Simple Illusions: NFC and the BC Services Card). In short, while the chips are offered as an enhanced security feature by the BC government, they actually introduce a range of vulnerabilities into the network environment, serving as a potential beachhead that opens the door to serious privacy breaches.

While you’re on Christopher’s site, check out a bundle of other posts outlining the problems associated with the new BC Services Card initiative. In particular, the misleading use of fraud to drive adoption; the rather confused public outreach strategy from the BC government; as well as our concerns stemming from the use of biometric analyses for fraud purposes. In the coming weeks, we are expecting to write about some of the troubles plaguing the BC Identity Management / IT database architecture associated with the identity management layer.