Insecure credentials worry states, feds

Insecure credentials worry states, feds

Fake IDs are becoming as prevalent as fake currency was back in 1865, when the Secret Service was established to fight counterfeiting, said Richard L. Outland, the agency's assistant chief of forensic services.

Speaking today at the American Legislative Exchange Council's policy summit in Washington, Outland said about one-third of all currencies were counterfeit in the 19th century. Now the Secret Service is tracking rampant fraud in traveler's checks, credit cards, and so-called breeder documents such as birth and baptismal certificates, which let counterfeiters obtain genuine driver's licenses and other valuable credentials.

'Fake Virginia IDs were used by two of the terrorists in the World Trade Center attacks,' he said, and an al-Qaida agent in Detroit was found to have five genuine Michigan driver's licenses.

The Secret Service is preparing to open up its comparative image database of 100,000 fake and genuine credit cards and licenses to law enforcement agencies nationwide so they know what to look for, Outland said.

Details as small as the wrong color on a credit card border or the absence of fine microprint on a license can be a tipoff. 'More than 95 percent of counterfeiters use ink-jet or thermal dye diffusion printers that can't produce legible small print,' he said.

For better security, Outland advised a layered approach: capturing multiple kinds of identity data from each applicant, checking online for matching name and Social Security number, and issuing credentials with machine-readable bar codes or digital watermarks.

He said the Secret Service and 19 other federal agencies and 70 vendors have formed the Document Security Alliance to police how driver's licenses are produced and issued. 'A lot of states don't want this information discussed,' Outland added.

Another speaker, Ari Schwartz of the Center for Democracy and Technology in Washington, said bribery and lax security at motor vehicle offices in at least 15 states have led to thousands of cases of fraudulent licenses in identity theft.

'New Jersey had to fire its entire Newark office staff and change the name to rebuild trust,' he said. In Virginia, motor vehicle office clerks have received bribes as large as $2,000 to issue a single fake license, Schwartz said.

Reed Stager, a vice president of Digimarc Corp. of Beaverton, Ore., and chairman of the Document Security Alliance's government affairs committee, said there were 9.9 million victims of ID theft in 2003.

To cut down on fraud, several states are embarking on facial-recognition biometrics and shortening license validity to four years instead of 10, he said.

'Ideally, there should be 12 to 20 separate security features on a license,' Stager said. Besides a photo, bar code and magnetic stripe, he recommended sturdy polycarbonate lamination, laser engraving, ultraviolet and infrared images, digital signatures and watermarks, holograms, kinegrams and ghosted duplicate images to prevent photo swapping.

In addition, he said, states should centralize their license production to reduce chances for bribery and should mail new licenses to authenticated addresses'not hand them out over the counter.

inside gcn

  • cloud services (jijomathaidesigners/Shutterstock.com)

    AWS GovCloud gets more enterprise services

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group