June 27, 2006 | Backgrounder on National Security and Defense
Identity theft has become a hot topic in today's society, with television commercials oversimplifying and trivializing the threat by focusing on the potential financial consequences. Identity theft is a more serious threat than someone draining a grandmother's bank account. False or fraudulent documents could help terrorists enter the United States and establish themselves in preparation for an attack on the country. Since this country relies primarily on identity-based security systems, secure identity documents are critical to national security.
Taking advantage of the available technologies could help to minimize the inherent weaknesses in an identity-based security system. To secure documents from fraud, policymakers need to examine carefully the available technologies, reviewing their capabilities, requirements, infrastructure demands, and costs. They should also consider how these technologies could affect individual privacy and fundamental liberties. Finally, policymakers should work in conjunction with the private sector and other stakeholders to create a compendium of best practices that uphold the principles of federalism while ensuring a successful strategy for identity security.
Types of Identity Documents and Their Uses
"Identity document" refers to a wide variety of documents-from birth certificates to credit cards-that are used for many purposes. Because of this variety, it is important to distinguish between base identity documents, also known as breeder documents, and secondary identity documents.
For instance, an acceptable national base identity document is a birth certificate. Internationally, a passport is typically considered a base identity document. Secondary identity documents (e.g., driver's licenses, credit cards, immigration visas, and green cards) are obtained by showing proof of the base identity documents. Base identity documents can also be used to obtain access to specific data or secure locations at the workplace.
Types of Document Fraud
With so many types of identity documents, there inevitably are many ways to perpetrate fraud. Successfully replicating or emulating a base document increases the likelihood of obtaining legitimate secondary documents-or, rather, secondary documents that appear legitimate even though they are based on the false base documents. It is also possible to obtain legitimate secondary documents without base documents. Securing an identity document is a vital first step for a terrorist or anyone else who wants to enter the United States illegally.
Tactics for entering the United States using illicit documents include traveling on fake, stolen, or forged passports; hiding past travel by acquiring a new passport by claiming that the old passport was lost, stolen, or damaged; and traveling under "legitimate" passports that have been purchased blank and filled in with false personal data. Terrorists have also used legitimate means to enter the United States, including entering as students, requesting political asylum, and avoiding immigration inspection upon entrance. These tactics highlight the need for security professionals to be able to validate identity documents, not just generally to be on the lookout for fraudulent papers.
Behind every type of identity document should be a person. In this country, proof of a person's legal existence is often required for transactions and for access to places and things. From obtaining passports and visas to protecting critical infrastructure, security systems must be in place to ensure that the person requesting access to a location or information is actually the person indicated by that person's identity document. Currently, security officers have very limited means of validating documents and verifying that they are based upon legitimate breeder documents.
For example, the 9/11 hijackers used identity documents to enter United States repeatedly on non-immigrant visas. While these men could and should have been stopped for many reasons, their use of student and visitor visas was not one of those reasons. In fact, many known terrorists who have lived in or have been extradited from the United States entered legally and had legitimate green cards. In other words, they claimed immigrant status and were on the "path to citizenship."
Another potential weakness in relying on identity documents is the personnel who issue the documents. Are the guards and other personnel responsible for identity documents and access doing their jobs effectively and faithfully, or are they scoping out weaknesses in the system? For instance, in May 2004, workers at department of motor vehicles (DMV) centers in northern Virginia were selling driver's licenses on the side to people who were in the country illegally. Despite legislation that tightened loopholes, two more workers from the same DMV centers were arrested and convicted a year later. In addition to the nation's border, access to and protection of critical infrastructure also rely to a great extent on identity-based systems.
Current ID Validating Technologies
Basing a security system on identity documents is a convenient but flawed method of providing security. However, a wide range of available technologies could improve the ability of security systems based on identity documents to discriminate and verify identities accurately. Marking and radio frequency identification (RFID) tagging are two main types of such technology.
Better use of the technology holds promise for improving identity document standards and for hindering, if not preventing, criminals and terrorists from using identity documents for nefarious purposes. Policymakers should carefully examine the technologies available for securing identity information, including their capabilities, requirements, infrastructure demands, costs, and how they would affect individual privacy and fundamental liberties.
Marking. Marking something as a signal of authenticity has been used for thousands of years. The Romans used unbroken wax seals imprinted with the ruler's insignia to verify that messages and orders had not been revealed or tampered with. Although still used on the occasional wedding invitation, this ancient technology is not fit for today's security challenges. However, two types of advanced marking-digital and metal-could be used to apply a security layer to identity documents, thereby linking different layers of security or information to the document to verify its authenticity.
Digital marking involves storing information as an image. This could be a Social Security number or biometric information like a facial image or fingerprints. The digital mark consists of a layer in the card and is only machine-readable (i.e., invisible to the naked eye). Bar codes, laser engraving, microprinting, and watermarking are all types of digital marking. Cards with digital watermarks are designed to limit the validity of the ID and thus adapt to changing information requirements.
Digital watermarking has been used widely in the media industry to prevent piracy and on the Internet to secure Web sites and personal computers from hackers. The concept behind all digital watermarking technology is the same: A machine "reader" reads the watermark and checks the information against a database, such as terrorist watch lists.
Holograms are metal devices implanted in identification cards to allow a machine or a human eye to authenticate the document. Holograms do not connect automatically to other information or databases. The metal hologram is durable and can be adapted to new technologies or demands. The concept behind markings such as holograms is to provide an eye-readable or machine-readable marking that will prove effective and durable.
Because holograms can be read by the human eye, their use does not require that expensive equipment be provided to every local, state, and federal law enforcement officer. Instead, the hologram can be instantly authenticated, whether at the local DMV by a small machine or on a rural road by the human eye. This is particularly important to small communities that may not be able to afford machines for every field officer. A hologram can last up to 10 years, which keeps down upgrade costs, unlike many other technology solutions. Hologram technology is also reasonably mature.
RFID Tagging. Already popular for retail store security systems, an RFID tag has the capability to "talk" to its homing device, up to two meters away. For example, if someone tries to shoplift from the local mall, the tag in the item sets off alarms when the shoplifter carries it through the security point. The homing device that controls settings for the identification tag can be mobile or fixed. A tag can store and relay only minimal information. The amount and types of information stored depend on the type of encryption, the tag's memory, and the format of the stored information.
Research into RFID technology began in the United States in the early 1940s as a means by which to track allied and enemy planes. By the 1970s, the technology was used to track nuclear materials. Today, RFID technology has spread throughout the public and private sectors. Due to its versatility, people are now starting to use it in identity documents as well.
The technology behind RFID consists of a chip embedded in a tag and an antenna that transmits information from the chip to a reader that is hooked up to a database. Three types of tags exist: passive, semi-passive, and active. A passive tag does not contain a power source (e.g., a battery) and must be activated by another source. A semi-passive tag does not actively transmit, but it can store information. An active tag contains an individual power source, and its data can be updated or reconfigured throughout its lifecycle.
A wide variety of information in various forms may be stored on the chip. Financial institutions are using RFID technology to fight credit card fraud. The RFID technology is being developed to enable personal credit cards to be authenticated more accurately through read-once codes rather than the standard code that stays with the card for its lifecycle. This changing code, transmitted mere inches from the machine "reader," could reduce the risk of consumer credit card fraud.
A similar system could be used to secure base identity documents or even secondary identity documents. Information, ranging from biometrics to tracking data on entries into and exits from the country, could be stored on the chip. Most uses in government and the private sector continue to center around tracking physical materials, although the Department of State is considering using the technology in electronic passports and the Department of the Treasury is reviewing its use for access control and records management. The Department of Homeland Security (DHS) also plans to use it for the automated US-VISIT program, which tracks visitors' entries into and exits from the United States.
Although a relatively mature technology, RFID tags have been adopted only in approximately the past decade. The use of RFID technology continues to grow. The commercial sector and government agencies are working together to set standards and guidelines for more secure IDs, which are mandated by Homeland Security Presidential Directive 12 and the Intelligence Reform and Terrorism Prevention Act of 2004.
The central challenge for policymakers who wish to use RFID technology remains privacy. Most policy research in this area focuses on consumers and what happens to the information stored on the RFID chip once items have been purchased. Using RFID technology to authenticate identity documents raises concerns about the data collected by the tag, what data it stores, and how it stores the data. The Privacy Act of 1974, which addresses the "retrieval of personal information" rather than its subsequent use, may provide guidance on how RFID technology can be used.
In recent years, Congress has noted the need for secure identity documents. The Intelligence Reform and Terrorism Prevention Act of 2004 called on the DHS and the State Department to integrate travel documents with other intelligence for fighting terrorism and to support DHS and State Department field offices with appropriate technology. In 2005, Congress took measures to strengthen national security by using identity cards. An amendment in the 2005 appropriations bill authorizes the Department of Homeland Security to set federal standards for all state driver's licenses. It does not require that states add more information to driver's licenses, but it does set stricter security standards for the identity document-security standards that reach beyond the physical document itself.
Privacy Concerns. Privacy is a prominent concern in the discussion of how best to secure identity documents. Are the data stored on one large database or just on the ID itself? Generating IDs might be more difficult if the information is stored only on the electronic ID. The processes for gathering and authenticating the information remain, but resources would be able to focus on gathering and authenticating rather than physically protecting a large infrastructure system. In addition, abuse of personally identifiable information by individuals involved in ID fraud or by the government, even with the best intentions of securing the information, is a serious concern.
Congress should give serious thought to how the government can assist in safeguarding information from wrongdoers while maintaining government access to information needed to carry out legitimate law enforcement, capture terrorists and prevent terrorism, and combat other threats to national security.
Much of the public debate about information sharing and analysis uses the word "privacy" in a manner that is imprecise and misleading. For example, many of the most vocal privacy advocates assert that any time government obtains or uses information that someone would prefer not to disclose to the government constitutes a violation of the person's constitutional "right to privacy." However, the Supreme Court has flatly rejected this claim that the Fourth Amendment can "be translated into a general constitutional 'right to privacy.'"
Congress's efforts to regulate private information should be understood in constitutional context. Congress has been struggling with creating a legal framework that protects personal information while allowing the data to be used for security purposes. One such attempt is the proposed Data Accountability and Trust Act (H.R. 4127). Introduced in October 2005, the bill calls on the Federal Trade Commission to "protect consumers by requiring reasonable security policies and procedures to protect computerized data containing personal information and to provide for nationwide notice in the event of a security breach." Implementation of such legislation should be crafted to address privacy and security concerns adequately.
The federal government is not alone in its quest for good security policy that balances privacy concerns. Many states from California to New York are debating legislation in their legislatures to mitigate privacy infringements unwittingly created by federal policies.