Successfully Securing Identity Documents: A Primer on Preventive Technologies and ID Theft

Report Defense

Successfully Securing Identity Documents: A Primer on Preventive Technologies and ID Theft

June 27, 2006 11 min read Download Report

Contributors: Alane Kochems and Laura Keith

Identity theft has become a hot topic in today's society, with television commercials oversimplifying and trivializing the threat by focusing on the potential financial consequences. Identity theft is a more seri­ous threat than someone draining a grandmother's bank account. False or fraudulent documents could help terrorists enter the United States and establish themselves in preparation for an attack on the coun­try. Since this country relies primarily on identity-based security systems, secure identity documents are critical to national security.

Taking advantage of the available technologies could help to minimize the inherent weaknesses in an identity-based security system. To secure docu­ments from fraud, policymakers need to examine carefully the available technologies, reviewing their capabilities, requirements, infrastructure demands, and costs. They should also consider how these technologies could affect individual privacy and fundamental liberties. Finally, policymakers should work in conjunction with the private sector and other stakeholders to create a compendium of best practices that uphold the principles of federalism while ensuring a successful strategy for identity security.

Types of Identity Documents and Their Uses

"Identity document" refers to a wide variety of doc­uments-from birth certificates to credit cards-that are used for many purposes. Because of this variety, it is important to distinguish between base identity documents, also known as breeder documents, and secondary identity documents.

For instance, an acceptable national base iden­tity document is a birth certificate. Internation­ally, a passport is typically considered a base identity document. Secondary identity docu­ments (e.g., driver's licenses, credit cards, immi­gration visas, and green cards) are obtained by showing proof of the base identity documents. Base identity documents can also be used to obtain access to specific data or secure locations at the workplace.

Types of Document Fraud

With so many types of identity documents, there inevitably are many ways to perpetrate fraud. Successfully replicating or emulating a base docu­ment increases the likelihood of obtaining legiti­mate secondary documents-or, rather, secondary documents that appear legitimate even though they are based on the false base documents. It is also possible to obtain legitimate secondary docu­ments without base documents. Securing an iden­tity document is a vital first step for a terrorist or anyone else who wants to enter the United States illegally.

Tactics for entering the United States using illicit documents include traveling on fake, sto­len, or forged passports; hiding past travel by acquiring a new passport by claiming that the old passport was lost, stolen, or damaged; and travel­ing under "legitimate" passports that have been purchased blank and filled in with false personal data. Terrorists have also used legitimate means to enter the United States, including entering as students, requesting political asylum, and avoid­ing immigration inspection upon entrance.[1] These tactics highlight the need for security pro­fessionals to be able to validate identity docu­ments, not just generally to be on the lookout for fraudulent papers.

The Problem

Behind every type of identity document should be a person. In this country, proof of a person's legal existence is often required for transactions and for access to places and things. From obtaining pass­ports and visas to protecting critical infrastructure, security systems must be in place to ensure that the person requesting access to a location or informa­tion is actually the person indicated by that person's identity document. Currently, security officers have very limited means of validating documents and verifying that they are based upon legitimate breeder documents.

For example, the 9/11 hijackers used identity documents to enter United States repeatedly on non-immigrant visas. While these men could and should have been stopped for many reasons, their use of student and visitor visas was not one of those reasons. In fact, many known terrorists who have lived in or have been extradited from the United States entered legally and had legitimate green cards. In other words, they claimed immigrant sta­tus and were on the "path to citizenship."[2]

Another potential weakness in relying on identity documents is the personnel who issue the docu­ments. Are the guards and other personnel responsi­ble for identity documents and access doing their jobs effectively and faithfully, or are they scoping out weaknesses in the system? For instance, in May 2004, workers at department of motor vehicles (DMV) centers in northern Virginia were selling driver's licenses on the side to people who were in the country illegally. Despite legislation that tight­ened loopholes, two more workers from the same DMV centers were arrested and convicted a year later.[3] In addition to the nation's border, access to and protection of critical infrastructure also rely to a great extent on identity-based systems.

Current ID Validating Technologies

Basing a security system on identity documents is a convenient but flawed method of providing security. However, a wide range of available tech­nologies could improve the ability of security sys­tems based on identity documents to discriminate and verify identities accurately. Marking and radio frequency identification (RFID) tagging are two main types of such technology.

Better use of the technology holds promise for improving identity document standards and for hin­dering, if not preventing, criminals and terrorists from using identity documents for nefarious pur­poses. Policymakers should carefully examine the technologies available for securing identity informa­tion, including their capabilities, requirements, infra­structure demands, costs, and how they would affect individual privacy and fundamental liberties.

Marking. Marking something as a signal of authenticity has been used for thousands of years. The Romans used unbroken wax seals imprinted with the ruler's insignia to verify that messages and orders had not been revealed or tampered with. Although still used on the occasional wedding invi­tation, this ancient technology is not fit for today's security challenges. However, two types of advanced marking-digital and metal-could be used to apply a security layer to identity documents, thereby linking different layers of security or information to the document to verify its authenticity.[4]

Digital marking involves storing information as an image. This could be a Social Security number or biometric information like a facial image or finger­prints. The digital mark consists of a layer in the card and is only machine-readable (i.e., invisible to the naked eye). Bar codes, laser engraving, microprint­ing, and watermarking are all types of digital mark­ing. Cards with digital watermarks are designed to limit the validity of the ID and thus adapt to chang­ing information requirements.

Digital watermarking has been used widely in the media industry to prevent piracy and on the Internet to secure Web sites and personal computers from hackers. The concept behind all digital watermark­ing technology is the same: A machine "reader" reads the watermark and checks the information against a database, such as terrorist watch lists.

Holograms are metal devices implanted in iden­tification cards to allow a machine or a human eye to authenticate the document. Holograms do not connect automatically to other information or data­bases. The metal hologram is durable and can be adapted to new technologies or demands. The con­cept behind markings such as holograms is to pro­vide an eye-readable or machine-readable marking that will prove effective and durable.

Because holograms can be read by the human eye, their use does not require that expensive equipment be provided to every local, state, and federal law enforcement officer. Instead, the holo­gram can be instantly authenticated, whether at the local DMV by a small machine or on a rural road by the human eye. This is particularly important to small communities that may not be able to afford machines for every field officer. A hologram can last up to 10 years, which keeps down upgrade costs, unlike many other technology solutions. Hologram technology is also reasonably mature.

RFID Tagging. Already popular for retail store security systems, an RFID tag has the capability to "talk" to its homing device, up to two meters away. For example, if someone tries to shoplift from the local mall, the tag in the item sets off alarms when the shoplifter carries it through the security point. The homing device that controls settings for the identification tag can be mobile or fixed. A tag can store and relay only minimal information. The amount and types of information stored depend on the type of encryption, the tag's memory, and the format of the stored information.

Research into RFID technology began in the United States in the early 1940s as a means by which to track allied and enemy planes. By the 1970s, the technol­ogy was used to track nuclear materials.[5] Today, RFID technology has spread throughout the public and pri­vate sectors. Due to its versatility, people are now starting to use it in identity documents as well.

The technology behind RFID consists of a chip embedded in a tag and an antenna that transmits information from the chip to a reader that is hooked up to a database. Three types of tags exist: passive, semi-passive, and active. A passive tag does not contain a power source (e.g., a battery) and must be activated by another source. A semi-passive tag does not actively transmit, but it can store information. An active tag contains an indi­vidual power source, and its data can be updated or reconfigured throughout its lifecycle.[6]

A wide variety of information in various forms may be stored on the chip. Financial institutions are using RFID technology to fight credit card fraud. The RFID technology is being developed to enable personal credit cards to be authenticated more accu­rately through read-once codes rather than the stan­dard code that stays with the card for its lifecycle. This changing code, transmitted mere inches from the machine "reader," could reduce the risk of con­sumer credit card fraud.

A similar system could be used to secure base identity documents or even secondary identity doc­uments. Information, ranging from biometrics to tracking data on entries into and exits from the country, could be stored on the chip. Most uses in government and the private sector continue to cen­ter around tracking physical materials, although the Department of State is considering using the tech­nology in electronic passports and the Department of the Treasury is reviewing its use for access control and records management.[7] The Department of Homeland Security (DHS) also plans to use it for the automated US-VISIT program, which tracks visitors' entries into and exits from the United States.[8]

Although a relatively mature technology, RFID tags have been adopted only in approximately the past decade. The use of RFID technology continues to grow. The commercial sector and government agencies are working together to set standards and guidelines for more secure IDs, which are man­dated by Homeland Security Presidential Directive 12[9] and the Intelligence Reform and Terrorism Pre­vention Act of 2004.

The central challenge for policymakers who wish to use RFID technology remains privacy. Most policy research in this area focuses on consumers and what happens to the information stored on the RFID chip once items have been purchased. Using RFID tech­nology to authenticate identity documents raises con­cerns about the data collected by the tag, what data it stores, and how it stores the data. The Privacy Act of 1974, which addresses the "retrieval of personal infor­mation" rather than its subsequent use, may provide guidance on how RFID technology can be used.[10]

Current Legislation

In recent years, Congress has noted the need for secure identity documents. The Intelligence Reform and Terrorism Prevention Act of 2004 called on the DHS and the State Department to integrate travel documents with other intelligence for fighting ter­rorism and to support DHS and State Department field offices with appropriate technology.[11] In 2005, Congress took measures to strengthen national secu­rity by using identity cards. An amendment in the 2005 appropriations bill authorizes the Department of Homeland Security to set federal standards for all state driver's licenses. It does not require that states add more information to driver's licenses, but it does set stricter security standards for the identity docu­ment-security standards that reach beyond the physical document itself.

Privacy Concerns. Privacy is a prominent con­cern in the discussion of how best to secure identity documents. Are the data stored on one large data­base or just on the ID itself? Generating IDs might be more difficult if the information is stored only on the electronic ID. The processes for gathering and authenticating the information remain, but resources would be able to focus on gathering and authenticating rather than physically protecting a large infrastructure system. In addition, abuse of personally identifiable information by individuals involved in ID fraud or by the government, even with the best intentions of securing the informa­tion, is a serious concern.

Congress should give serious thought to how the government can assist in safeguarding information from wrongdoers while maintaining government access to information needed to carry out legiti­mate law enforcement, capture terrorists and pre­vent terrorism, and combat other threats to national security.

Much of the public debate about information sharing and analysis uses the word "privacy" in a manner that is imprecise and misleading. For exam­ple, many of the most vocal privacy advocates assert that any time government obtains or uses informa­tion that someone would prefer not to disclose to the government constitutes a violation of the person's constitutional "right to privacy." However, the Supreme Court has flatly rejected this claim that the Fourth Amendment can "be translated into a general constitutional 'right to privacy.'"[12]

Congress's efforts to regulate private information should be understood in constitutional context. Congress has been struggling with creating a legal framework that protects personal information while allowing the data to be used for security pur­poses. One such attempt is the proposed Data Accountability and Trust Act (H.R. 4127). Intro­duced in October 2005, the bill calls on the Federal Trade Commission to "protect consumers by requiring reasonable security policies and proce­dures to protect computerized data containing per­sonal information and to provide for nationwide notice in the event of a security breach." Implemen­tation of such legislation should be crafted to address privacy and security concerns adequately.

The federal government is not alone in its quest for good security policy that balances privacy con­cerns. Many states from California to New York are debating legislation in their legislatures to mit­igate privacy infringements unwittingly created by federal policies.[13]


Alane Kochems

Policy Analyst, National Security

Laura Keith