Share this:

Like this:

Like Loading...
" />
Published On: Sun, Nov 2nd, 2014

Fraud, Nigeria’s electronic ID card and national security

Share This
Tags

NIMC-Card-front-and-backBy Boniface Chizea

I read the above article which was first published on the back page of The Guardian of Thursday, October 9, 2014 under the “Rise Youth Speak” banner with the second and last part of the article published on Monday, October 13, 2014 written by someone who identifies himself as Don Okereke with the tag of Security Analyst/Consultant. I felt umbrage; I felt total revulsion and was very furious after reading this article. You begin to ask yourself how someone could be so negative about far reaching and innovative transformation efforts being made by this Administration.

It sometimes makes you marvel at the level of cynicism that exists amongst a generality of our population. How the stock-in-trade is to embark on wanton criticisms! How compatriots have cultivated a mindset that says that nothing good can come out of Nigeria and that those at the helm of governance are all cheats who have scant interest for the wellbeing of the generality of our population and who are driven by singular quest for personal aggrandizement. What I intend to do in the rest of this contribution, call it ‘reaction’ or anything, if you will, is to highlight excerpts from the article under reference to adumbrate the worst of this despicable attitude and mindset. I would conclude that unless and until we begin to appreciate little efforts, the ‘big bang’ we hope for will never ‘gather’ to take country to the desired level.

This ID card claptrap is coming on the heels of a $ 40 million “Wise Intelligence Technology (WIT) system”, an open source intelligence Monitoring contract secretly awarded to Elbit System, an Israeli firm, and also the bungled SIM Card registration exercise that gulped N 6 billion. How on earth can someone who claims to be a Security Expert and who had supposedly read the NIMC Act refer to NIMC as being ambitious in this connection and have the discourtesy to refer to the ID scheme as ‘claptrap’? The NIMC Act 2007 pointedly mandated the Commission to harmonize and integrate databases in Government Agencies to achieve resource optimization; through shared service platforms! And therefore NIMC is acting within the ambit of the Act under which it was established if it liaises with other agencies of government that also gather and store data in the course of delivering on their mandate.

In fact, if there are any issues here, it is the fact that in spite of the establishment of the NIMC database infrastructure, other agencies of government have proceeded to continue to gather and talk of biometric registration which might eventually pose integration and harmonization challenges and NIMC is not wielding the big stick now to stop them because it has allowed a transition period that is being abused! What is wrong with Security and related government agencies, as raised by Don Okereke, in the course of the discharge of their duty of stemming crimes and criminality, having access to the database provided that all related protocols and legal requirements are observed? Is there anywhere in the world where Security Agencies do not have access to such data?

NIMC promises that personal information will be stored in the National Identity Database in such a manner that it is both safe and secure. Once an individual is registered he will be able to have access anywhere in Nigeria whenever there is the need to prove, authenticate, affirm or assert his identity. No person or corporate body will have access to the stored information without the consent of the individual concerned and the full authorization of NIMC. However, the NIMC Act sets out a number of government security and financial crime control agencies to whom information will be made available without necessarily obtaining the consent of the concerned individual. These agencies include the State Security Services (SSS), Economic and Financial Crimes Commission (EFCC), Nigeria Police Force (NPF) etc. But request for this information must be made by designated senior officers who must have recourse to the Courts for permission to request for such information.

Access to the National Identity Database is graduated and secure. Access will be granted to government agencies and appointed Identity Verification Services providers but generally such access granted to third parties will be highly secured and beneficiaries of such information would have to convince NIMC of their ability to keep such information safe and secure.

“Cyber criminals are extremely conversant with the jeopardy, loopholes inherent in the cyber world and are exploiting these weaknesses, employing a mismatch of technology (reverse engineering) and social engineering craftsmanship in order to short circuit desired outcomes. With or without an electronic ID card adherents of criminality and terrorism will still engage in their trade.” Says Don Okereke. Should these rationalizations be enough reason to jettison any attempts to manage Identity? Is Okereke aware of the global trend at all? Should we therefore, for fear of data breaches forget undertaking the progressive efforts being made to catch up with the rest of the advanced world in identity management? Should Nigeria not also build its own technology driven infrastructure and capacities to be better able to manage the identity of its citizens (and legal residents)? Must we ignore all the many developmental benefits inherent in doing this?

In my view, the issue of security of the data has been fully taken on board. It takes a serious Security expert to appreciate this. There are 13 applets on the e-ID Card, each protected by very secure firewall. There is an electronic public key infrastructure (e-PKI) which is a strong encryption tool combining digital certificates and keys, to use technology parlance. Each applet can only be inspected by a terminal that has been authenticated by NIMC with a certificate which is time bound and expires after a short while. The Nigerian e-ID Card is one of very few such Cards with an Extended Access Control 2 (EAC 2). German e-ID Card has this same feature. Most Cards have EAC 1 or basic access control (BAC). So how come Don is unable to appreciate this as a Security Expert or his he biased in his review?

Just a thought: many Nigerians have MasterCard and Visa Card branded ATM Cards but no one has accused the banks of sending the personal details of their customers to America! For completeness it is in order to note that only the first 13 million cards will be MasterCard out of a potential total of 150 million Cardholders and therefore the possibilities are open based on the experience with MasterCard. Or is Don misinterpreting the recent fallout in Russia, what of the experience in other jurisdictions that Don benevolently ignored – South Africa, Mexico, Germany, and Malaysia etc. I hope Don realizes that there is no distinction anymore between local and foreign payment platforms anymore in Nigeria, there is no local payment platform in Nigeria, not even Verve!

The NIMC project promises to make it harder for criminals to use false or multiple/duplicate/ghost identities. This will assist the Law Enforcement Agencies (LEAs) a great deal in the discharge of their duties – to protect us all from crimes, especially Advanced fee fraud and terrorism, and other such benefits as assisting the country to better manage the national currency, achieve financial inclusion, deepen the consumer credit system which should contribute to growing the economy, create employment and economic opportunities while raising the standard of living of all Nigerians. This is a laudable project deserving of support from all Nigerians while giving credit to this government as it works to transform this economy through its many and numerous projects. Don and his team of negative critics should for once try and be positive!.

This project is a gift to Nigerians and we are well advised not to look a gift horse in the mouth through unguarded, unwarranted, ill-considered and unhelpful comments. The time to help in nation building is not when you are benefitting or when you are taking sides with apologists of government, it is when you are offering suggestions on ways to help government fine tune and implement its policies to benefit the majority of its citizens.

Dr. Boniface Chizea is Managing Consultant, BIC Consultancy Services, Lagos

 

Leave a comment

XHTML: You can use these html tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

%d bloggers like this: