The Immigration Department today reiterated that the new smart identity card has adopted multi-level safeguards to ensure the personal data stored in the card’s chip is protected.

​​

The department issued the clarification regarding recent rumours that the card’s new contactless technology leaves it more vulnerable to personal data theft.

​​It explained the new card’s identity verification process is absolutely secure and accurate.

Only authorised optical card readers can interpret the chip and it is impossible for readers to access its personal data without a specific algorithm.

Moreover, access to chip data can only be initiated by the designated cardholder who must physically place the card onto an authorised card reader. 

The verification process would then be conducted using the combination of an optical card reader and wireless transmission technology. Throughout the entire process, all communication and data transmission would be encrypted.

If the cardholder does not take out the new smart identity card, it is impossible for others to remotely read the chip data without notice by the cardholder.

​​

At different stages of the Next Generation Smart Identity Card System implementation, the department engaged independent consultants to conduct assessments on privacy and security impacts to ensure the card complies with the Personal Data (Privacy) Ordinance.

Those assessments have confirmed the safeguards adopted have effectively prevented unauthorised access to personal data.

​​The department noted several groups in the community had distributed free card protectors, claiming it would block radio frequency identification to prevent personal data theft.

It added that there is no case of unauthorised access to the new smart identity card and the relevant message is misleading.