CNET también está disponible en español.

Ir a español

Don't show this again

Christmas Gift Guide
Tech Industry

Solving security's not mission impossible

But Florida ID fraud coordinator Capt. David Myers says most states continue to ignore technology that could plug holes in the government's defenses against fraud.

Federal and state officials are paying close attention to border control and airport safety, and rightly so. But we are overlooking one of the secrets to terrorist success: Driver's licenses are easily forged "source" documents that breed key documents like passports and visas.

Consider that seven of the 9/11 terrorists had fake driver's licenses. Could we have averted disaster had they not been so easy to get? We don't want to ask such a question again.

Identity verification, though currently a large hole in our nation's security net, is easy and inexpensive to fix. This is an opportunity for the states and the federal government to work together in making a huge difference in our national security.

Driver's licenses are the magic key that unlocks access to almost every area of American life, and terrorists take full advantage. The FBI recently testified before the Senate Committee on the Judiciary's Subcommittee on Technology, Terrorism and Government Information that "stolen identity provides a cloak of anonymity for the subject (terrorist) while the groundwork is laid to carry out the crime." With a fraudulent ID, terrorists can obtain employment, and open bank accounts and credit cards to funnel financing abroad. Therefore we need to keep terrorists from getting these IDs.

Driver's licenses have fewer security features than passports, and, alarmingly, they are easier to get. The standards used from state to state to obtain licenses vary wildly and put everyone at risk. There are more than 240 different valid types of driver's licenses from the 50 states. California alone has 14 types of license. No security screener can know the safety and ID features of each.

The use of false IDs is reaching epidemic proportions. Last year, upwards of 10 million false IDs were confiscated across America. And don't think fake driver's licenses are just used by mischievous teenagers: More than 20 percent of false IDs confiscated every year belong to people between the ages of 35 and 45.

The use of false IDs is reaching epidemic proportions.
The quality of the false documents is also improving. In 2000, only 10 percent of false IDs were deemed "high quality"; in 2001, that count jumped to 35 to 40 percent. Licenses and documents are the foundation of our national security structure. We need to fix the cracks in our foundation before spending on a fancy roof.

What should we do? Each state should be able, at a minimum, to authenticate the other 49 state licenses as well as passports. This is our most important challenge, and it does not require complete system interoperability, just the basic ability to access critical files.

If this basic level of interstate authentication is not realized, then the whole exercise becomes moot. There would be nothing preventing someone from using a false driver's license from one state to get a completely legitimate and valid license in another state. And from there, the way is open to obtain other documents, bank accounts and passports.

We need to be cautious in determining which security features to add to make IDs hard to forge. As a nation, we need to have standardized security features that can be authenticated today, or it does us no good. Any single feature can be compromised; it is the combination of a variety of security features that will achieve success.

Implementing these standardized security features requires a combination of hardware, software and, of course, training. The hardware needs to be able to check ink types and magnetic-stripe, 1D and 2D bar codes. It should be able to scan infrared and ultraviolet images to determine if they have been tampered with. The software not only needs to be easy to integrate, but also able to quickly search databases. The bandwidth to make this possible should not be an issue, as all of this critical data can be encrypted.

Pull quote:

For the cost of outfitting just one airport with the latest bomb-detection technology, we could fortify and authenticate every driver's license and passport issued in the whole country.
The solution is here now--has been for years--and is cheap. It's called document authentication technology, and it's cut down ID fraud in many countries. This sophisticated documetric, or document-analyzing, platform for text and pattern recognition and analysis can also add biometric applications such as facial recognition and fingerprint analysis. For the cost of outfitting just one airport with the latest bomb-detection technology, we could fortify and authenticate every driver's license and passport issued in the whole country.

Although states are generally less likely to allocate funds for any new initiative during a recession, it would be difficult for lawmakers to downplay the importance of solving this ongoing threat to our national security with a proven technology. The Swedish National Police, the Hungarian border police, the Finland Frontier Guards and others have used this same technology for years with remarkable success.

The initiative will pay for itself--fully seven cents of every dollar worldwide is estimated to go towards fraud. The reduction of this number by even one cent through better authentication will save hundreds of millions of dollars and prevent crimes each year. More importantly, document authentication saves lives. Furthermore, the technology that is available today does not require a costly training program and can be successfully operated by any Department of Motor Vehicles employee.

States have already created the electronic infrastructure needed to communicate warrants, violations and fines. DMV databases can easily be linked to each other and to FBI watch-lists to stop terrorists before they start. This document authentication technology can stand alone or be easily integrated into any of these existing networks.

Under government auspices, privacy is not an issue as identity-verification technology is nonintrusive. Rather, it safeguards every American's identity and prevents ID theft, which is a growing problem.

Preventing ID fraud equals less crime and terrorism and more lives saved. We need to look hard at fortifying the country's document authentication procedures, the front lines of our security. We must not put the cart before the horse in homeland defense, spending inordinately more on fancy systems when we can easily cut the legs out of terrorist activity with simpler and cheaper document authentication technology.

The time is now. Federal and state officials can work cooperatively to make a huge and tangible difference. It is the one small step for America we can take to greatly improve our security.