FUJ00152140 - ICL Pathway Evidential Information - Production Certification and Retention (PACE)

ICL Pathway
Evidential Information - Production, Certification and Retention (PACE)
Ref: RS/PRO/030
Version: 0.1
Date: 04/08/98
Document Title: Evidential Information - Production, Certification &
Retention (PACE).
Document Type: Process
Abstract: A description of the process required to demonstrate the
integrity of a PACE certificate and the associated
declaration.
Status: Initial draft
Distribution: Graham King
              Matthew Cooper (Alliance & Leicester)
              Graham Hooper (Alliance & Leicester)
              Pete Spence
              Alan D’Alvarez
              Christopher Billings
              Dave Campbell (ICL Outsourcing)
              Martyn Bennett
              Library
Author: Barry Procter
Comments to: Author
Comments by: 14th August 1998

COMMERCIAL IN CONFIDENCE Page 1 of 9
0 Document control
0.1 Document history
Version Date Reason
0.1 4/08/98 Initial draft for comment
0.2 Approval authorities
Name Position Signature Date
Martyn Bennett Director, Quality & Risk
0.3 Associated documents
Reference     Vers  Date  Title                                   Source
DW/REQ/0017   1.6   ??    FCMS System Requirements Specification  Pathway
PACE                1984  Police & Criminal Evidence Act          HMSO
0.4 Abbreviations
CAPS Customer Accounting & Payment Service
OPS Office Platform Service
PACE Police and Criminal Evidence Act
FCMS Fraud Case Management System
0.5 Changes in this version
None
© 1998 ICL Pathway Ltd

0.6 Table of contents

1. Introduction
2. Scope
3. Production and Retention of Computer Evidence
4. Certification
4.1. Certification Process
5. Secondary Evidence
6. Appendix A


1. Introduction

Prima facie evidence to be presented for benefit payment fraud prosecutions
is obtained solely from the ICL Pathway Fraud Case Management System
(FCMS). This computer output is only admissible in evidence where special
conditions are satisfied. These conditions are described in detail in Section
69 of the Police and Criminal Evidence Act (PACE) 1984 and require ICL
Pathway to provide ‘honest’ certification of such computer-generated
evidence.

2. Scope

This process describes the PACE certification of computer evidence
originating within the ICL Pathway Fraud Case Management System (FCMS)
to support benefit payment fraud prosecutions.

This process also identifies secondary evidence which must be produced to
demonstrate the integrity of the PACE certificate if the court or the defence so
desires.

3. Production and Retention of Computer Evidence

The method by which the ICL Pathway Fraud Case Management System data
is populated, and the steps taken to ensure its secure retention are described
in [4].

[DN - Need to check the accuracy of this statement]

4. Certification

Irrespective of the number of fraud prosecutions that the ICL Pathway FCMS
supports, a PACE certificate must be provided for each individual
prosecution.

Section 69 of PACE provides that:

“In any proceedings, a statement in a document produced by a computer
shall not be admissible as evidence of any fact therein unless it is shown-

a) that there are no reasonable grounds for believing that the statement is
inaccurate because of improper use of the computer and;


b) that at all material times the computer was operating properly or, if not, that
any respect in which it was not operating properly or was out of operation
was not such as to affect the production of the document or the accuracy of
its contents.”

It is therefore vitally important that whoever signs the PACE declaration on
behalf of ICL Pathway can be assured that (b) above is true for “all material
times”.

Traditionally, PACE certificates are signed by a senior member of the
Computer Operations staff responsible for managing the computer installation
and its associated networks. ICL Outsourcing performs this role as a
managed service for ICL Pathway, and it is assumed that the information
required for their assurance is already available to them in day-to-day
operational documentation and as management information.

4.1. Certification Process

The manager of the ICL Pathway Fraud Risk Management team, or his
deputy, will advise a nominated member of ICL Outsourcing of the relevant
dates and times for which a PACE certificate is required.

The ICL Outsourcing nominee will consult proprietary operational records
pertaining to computer and network operations on the dates and times
advised, in order to satisfy himself that the certificate can be signed with
confidence. The certificate (see example at Appendix A) contains a
declaration including the statement “I sign this certificate knowing that I shall
be liable for prosecution if I have stated in it anything which I know to be false
or do not believe to be true”; it is therefore in his rational self-interest to
ensure a) that the logs are adequately comprehensive and b) that they are
investigated thoroughly.

A statement should accompany the certificate to the effect that additional
(secondary) evidence to support the certificate can be produced if so desired.
To offer all the evidence without it being requested would only serve to flood
the courtroom with documentation.

5. Secondary Evidence

In order to demonstrate the integrity of a Horizon PACE certificate for the
Benefit Payment Service, it is necessary to describe the information flow from
CAPS to OPS and from OPS to the FCMS and to illustrate where
cryptographic and integrity protection are applied.


[Figure: "End to End Payment Protection". Labels recoverable from the diagram:
(Benefits Agency); (SMDS link) File integrity protected by RedPike encryption
of either file checksums or TPDU data packets; Payment data transferred in
clear; Pathway Central Sites (secure domain); Digital Signature added to each
payment; Payment authorisation data transferred & stored with digital
signature protection; Signature verified on]

Figure 1 - BPS Information Flow
[DN - Need to update this figure to show OPS to FCMS]

Given the magnitude and complexity of the Horizon system, it is conceivable
that the integrity of the PACE certificate will be challenged by a defendant’s
Solicitor in order to discredit a prosecution. If it is not possible to demonstrate
the certificate’s integrity to the Court's satisfaction, a very dangerous
precedent will have been set and all subsequent prosecutions will be
automatically jeopardised. However, the corollary is also true and a
successful demonstration of honest certification will stand all subsequent
prosecutions in good stead.

Comprehensive records pertaining to the site(s), services and individuals
concerned can and should be produced for all material times. These records
will serve to show that the relevant services were available at all material
times, were operating properly and had not been used inappropriately.

This secondary evidence should include, but is not restricted to, the following:

• An external Auditor's certificate of data integrity;

• Logs of calls to the Horizon System Helpdesk and the Payment Card Helpline
detailing incidents of error, inaccuracy or malfunction pertaining to the sites,
equipment, services and individuals concerned;

• A log of ISDN ‘ping’ records which demonstrate the availability of network
communications between the affected site(s) and the Data Centre;

• Operational logs and shift handover documentation to demonstrate consistent
operation and availability of the service;

• Secure NT, Dynix and SecurID definitions;

• Testimony from expert witnesses stating that, in their experience, this
(incident) has never happened or, if it had, that it would be reflected in the
relevant audit log.

Appendix A

DECLARATION

• To the best of my knowledge and belief there are no reasonable grounds
for believing that the information or statement in the document(s) identified
above is inaccurate because of improper use of the computer system.

• At all material times the computer devices were operating properly, or if
not, any aspect in which they were not operating properly, or were out of
operation, was not such as to affect the integrity of the data processed, the
production of the document(s) or the accuracy of its content.

• I occupy a responsible position in relation to the computer systems,
namely: Manager of System Services.

• I sign this certificate knowing that I shall be liable to prosecution if I have
stated in it anything which I know to be false or do not believe to be true.

Signature witnessed by: .................... Martyn Bennett
Date:

Full name and address of employment: ICL Pathway, Forest Road,
Feltham, Middlesex. TW13 7EJ
