Identity Theft

This article mainly relates to my Immigration article, but it is also important in its own right. Identity theft is a major problem and is becoming increasingly problematic as electronic systems allow records to be stolen by the millions. Certainly these same systems are also vulnerable to record insertion and removal, but the reality is that any identification system can be broken with enough resources. Low quality fingerprint readers have already been implemented in enough consumer products that it is highly probable at least one person in a room has a fingerprint reader. The problem with the current identity system is that it is almost entirely reliant on a collection of facts mixed with some low quality unique strings. Once the facts have been assembled, it can be extremely difficult to convince the legal system that you are a victim of identity theft.

In contrast, using fingerprints for legal record keeping significantly increases security. Sure, it is relatively easy to steal fingerprints, but high security transactions can have someone attest that the fingerprints were taken from an actual hand. Fingerprints also have the advantage of being easiest to preserve in high security paper files so that hacking is of lesser concern. Yet, fingerprints alone cannot be relied on for an identification system because there are people who are either born without hands or feet or who lose appendages in an accident. Facial recognition and iris pattern cameras are good as alternative identification methods, but their availability remains rather limited and the technologies have lower reliability. The best implementation would be registering newborns into the system, but there would have to be a secondary registration later to account for inaccuracies in identifying newborns.

As far as fighting identity theft itself, there is very little that can actually be done. Sure, people can be educated on proper information security practices, but people are lazy and no amount of education can ensure compliance. Creating endless account numbers for every interaction at least prevents a breach of medical confidentiality from affecting banking, but information is far more secure in bulk. Making things even harder is the widespread availability of false identification documents ranging from the fake IDs used to circumvent age restrictions that are actually good enough for most casual identification purposes to sophisticated forgeries that fool most computer validation systems.

Leave a Reply