Experts have warned that the government’s incoming digital IDs could be a target for phone thieves, holding information that could allow them to impersonate you or open a bank account in your name.
They are urging the government to ensure that the security laws put in place to protect people will continue to evolve with the technology hackers could use to access digital IDs.
Digital IDs, dubbed “Brit cards” by some, were announced by Sir Keir Starmer in September and will be rolled out in 2029. The cards, which will be stored on your phone as an app-based system, will contain your age and residency status and will be mandatory for anyone living in the UK, in a bid to tackle illegal immigration.
They will be used for employment checks, access to public services like social benefits, and verification processes across the private sector.
The plans have sparked controversy across the country as many claim they will infringe on civil rights and do little to prevent illegal immigrants from coming to the UK.
If my phone gets stolen, am I at risk of identity theft or fraud?
Around 80,000 phones were snatched in London alone last year. James O’Sullivan, the founder of smartphone security company Nuke From Orbit, said thieves already access the stolen devices to obtain personal information.
“We’re already seeing that play out in real time,” he told The Independent. “Now, criminals who steal phones don’t steal them for the phone. They steal it more for the data that is on it, and as the value and the breadth of that data increases, so will the volume and severity of the theft of things.”
The digital ID system will contain information including your name, date of birth, nationality and residency status, and a photo of yourself.
This information could be used in multiple ways, Mr O’Sullivan said. He says the digital ID will become very strong proof of who you are, and may be used to commit identity fraud and set up bank accounts in your name.
The government said digital credentials can easily be revoked and reissued if your phone gets stolen or lost. But Mr O’Sullivan said that while this is important, “time is of the essence”, and thieves will ultimately have a window in which they will still be active.
A large number of stolen phones are used to access bank accounts, and the money is then transferred or used to make purchases, according to Action Fraud. Mr O’Sullivan said thieves often have a few hours to do so before people are able to disable their phones and accounts.
Between December 2024 and February 2025, £641,208 in phone theft fraud was reported to the national fraud reporting centre.
Could digital IDs lead to a rise in phone theft?
Mr O’Sullivan does not think there will be an immediate rise in phone theft, but as more businesses start using digital IDs as the preferred way of identification, there will be more financial motivation to obtain them, which could eventually lead to more thefts.
“(The government is) not going to be putting things live that have security flaws in them,” he said. “They will be adhering to all the best practices at the moment.”
But with technology constantly advancing, there will be some risks, and it needs to ensure it continues to keep up with the latest security measures. “We need to make sure we reduce the risk to the public, and don’t simply replace current risks with new ones,” he added.
Aditya Hindocha from SquareTrade, a device protection provider, said the data stored on a single phone has become far more valuable than the device itself.
“Digital IDs will only concentrate this value further, making devices even more attractive for sophisticated criminals,” he continued.
“Protection solutions must evolve now, moving beyond physical hardware coverage to protect entire digital lives. As centralised digital identity systems emerge, they will dramatically heighten consumer risk profiles, making comprehensive digital protection not just valuable but essential.”
According to SquareTrade, the UK had the highest rates of phone theft across Europe this summer, accounting for 37 per cent of all theft and loss claims.
How secure will digital IDs be?
It is not yet certain what digital IDs will look like exactly and what kind of encryption will be in place, but cybersecurity expert Nick Ellison said people can expect them to be stored securely.
He suspects that those most at risk of stolen information will be people who do not secure their data or passwords safely. “Not everybody applies a Pin code or a password to their device, and plenty of people also have a habit of doing things like putting other Pin codes and passwords into unprotected notes on their phones,” Mr Ellison said.
“It’s the sort of lack of understanding or casual nature towards protecting (data) which can lead to that.”
A spokesperson for the Department of Science, Innovation and Technology said phone thieves accessing digital IDs would not be an issue, adding: “Just as phone thieves can’t spend money from your bank card, they won’t be able to access the information on your digital ID.
“We will use the facial recognition technology already in your phone to protect that data.”
With security measures in place and the ability to revoke the ID from a stolen device, the government said digital IDs will be far safer than physical documents.
It added that security and privacy would be at the heart of the programme, and it was currently developing the details to ensure it follows best practice. The government will be launching a public consultation later this year.
