Cutting off identity-based fraud at the source
- By Monty Faidley
- Jun 12, 2014
Government agencies are facing significant challenges with identity fraud, with an overwhelming number of fraudsters trying to beat the system and often succeeding. And when identity-based fraud runs rampant, where should government IT managers start? How can they cut off access to many of these schemes and help their agencies become fraud free?
The answer starts at an agency most of us take for granted, the Department of Motor Vehicles. According to fraudoftheday.com, many instances of identity theft and government fraud depend on the ability to obtain DMV-issued “fake” driver’s licenses. At the same time, DMVs can serve as a frontline defender against identity fraud by using an identification solution backed by a combination of internal and external databases.
Even before fraudsters come on the scene, IT managers recognize that government identity data accuracy is already inconsistent . The first step in any enhanced driver’s license verification process is for DMVs to understand the current state of their identity data and cleanse the system of multiple, synthetic or fraudulent identities. Issues DMVs must address include:
1. Self-reported data. The identity information used to obtain a driver’s license is supplied directly from the applicant and is assumed to be accurate.
2. Boundary blindness. Limitations with information sharing between agencies, departments and across state lines makes access and verification of applicant data difficult or impossible.
3. Internal threats. Employees working on behalf of their own interests can compromise the integrity of the system.
4. Old system identities. Once someone is issued a license, the identity data provided often stays as a static image. Although the identity itself is dynamic and evolves over time, not everyone informs government agencies of those changes.
Identity data cleansing should include the development and assignment of a unique identifier to each identity in the system beyond the use of a Social Security numbers, which are prone to errors, manipulation or compromise. In fact, the Social Security Administration has stated multiple times that SSNs should not be used as an individual’s identifier, implying that an identifier other than the SSN should be used in identity management systems.
A unique identifier, which would be created by combining internal and external nationwide data sources, would resolve identities based upon different characteristics associated with an individual and how he has represented himself to organizations outside the DMV. A unique identifier links and organizes multiple pieces of information quickly and accurately, all while protecting private information such as SSNs and resolving any errors that may exist in a system.
The second step in a license verification process is the use of identity verification and authentication solutions that will help agencies ensure data entering the system is clean and further strengthen the verification process at the point of origination.
An identity authentication solution, for example, could give DMVs the ability to generate random, multiple choice questions for an individual derived from non-wallet based data using data pulled from public, publicly available and commercial databases. The advanced quiz engine would tailor questions to the individual requesting the driver’s license, requiring identity verification beyond just name, address and SSN, which can be easily falsified.
This check allows DMVs to instantly authenticate an individual for both online and in-person transactions. The external databases would complement those typically accessed by DMVs and provide a more complete, national view of the identity being presented.
Using unique identifiers can also:
- Identify synthetic identities registered multiple times under similar aliases with slightly modified information.
- Catch fraudulent identities tied to either deceased or incarcerated individuals.
- Eliminate boundary blindness by allowing multiple government agencies to share the unique identifier.
- Enable dynamic monitoring for duplications within government-sponsored benefits programs.
The use of phony licenses by fraudsters affects both state and federal government agencies. Improper benefits payments and the amount of effort required to chase down fraudsters results in lost productivity, resources and revenue. By building a unique identifier backed by a combination of internal and external databases – the power of identity verification and authentication solutions – the DMV can serve as a frontline defender against identity fraud and stop the problem at the source.