Forging Ahead
New technologies, best practices outwit document counterfeiters
- By Rick Outland
- Feb 01, 2008
As countless counterfeiting successes
have demonstrated,
depending solely upon a visual
inspection for verification
of a document is not sufficient. Equipment
and tools are available today that put counterfeiting
ability in the hands of those who
previously did not have the appropriate
graphic or printing skills, making law
enforcement’s efforts to stop this crime
much more difficult.
The continuing sophistication of desktop
color printers, color laser copiers, highresolution
color scanners, imaging and
editing software and digital cameras, coupled
with the exchange of information on
the Internet, has put document counterfeiting,
alteration and photo substitution capabilities
into the realm of the general public.
As a result, the ease of obtaining fraudulent
identification and phony breeder documents
of usable quality has greatly
increased, as has the need for additional
layers of security to be incorporated in the
document. The variety of identification
document formats also has made the visual
authentication by humans more difficult
and often insufficient to detect fraud. To
ensure the ability to discern authentic documents,
the use of machine-readable technologies
is increasingly necessary.
Current Efforts
The key to machine-readable technology is
interoperability, meaning that the technology
should be readable on a global scale.
Interoperability of document information is
essential in any environment where the
receiving party or agency is different from
the issuer. Common sets of operating rules
must be in place to ensure that documents can
be accepted and their authenticity validated.
Cost-appropriate technologies that secure the
assessed risks and threats are required.
Today, most U.S. driver’s licenses use
one or more machine-readable features,
including 2-D bar codes—which are used
by most jurisdictions—digital watermarks
and magnetic stripes. This does not preclude
the continued use of any other
machine-readable technology or the addition
of others as technology develops.
The Document Security Alliance was
created by government agencies, private
industry and academia to identify methods
to improve security documents and related
security procedures to combat the growing
use of counterfeit documents in identity
theft and fraud, terrorism, illegal purchases
of controlled substances and firearms, illegal
immigration and other criminal acts.
Recognizing the need to continuously
improve document security and the
issuance process to combat new and existing
threats, DSA is dedicated to educating
those responsible for secure document
issuance, distribution and use on the value
of improving the security and reliability of
ID documents. The group is committed to
developing recommendations to appropriate
federal and state government agencies,
private industry and policymakers to
improve the processes and procedures surrounding
document security.
DSA membership consists of more than
a dozen government agencies and organizations
(including the Secret Service,
Transportation Security Administration,
Department of Homeland Security, Social
Security Administration, Federal Bureau of
Investigation, Food and Drug
Administration, and Departments of
Treasury and State), as well as more than
75 companies participating in the document
security area. Private-sector entities
and trade associations primarily represent
the credentialing industry, including systems
integrators, card manufacturers,
secure printing companies, printer manufacturers,
security features producers and
biometric providers.
Credentialing Best Practices
The Document Security Alliance has identified a number of best practices that have
already been implemented by government issuers of photo IDs in some sectors within
the United States.
• Upgrade requirements in obtaining and authenticating breeder documents (birth
certificates, Social Security cards, driver’s licenses) used in issuing IDs.
• Incorporate new technologies to enable cross-jurisdictional point-of-inspection
machine-readable ID authentication, allowing for quick verification of the ID.
• Move toward issuance of IDs from secure facilities to enable verification processes
and provide better control over materials and security features.
• Establish systems for facial recognition-based image identity verification.
• Implement capabilities for cross-database applicant verification.
• Shorten issuance and validity periods to ensure accurate records and enable
security feature renewal/upgrade.
• Provide appropriate resources, training and equipment to state DMVs and other
government-issuing authorities to upgrade issuance, authentication and verification
processes and incorporate new security features.
• Establish laws (e.g., SAFE ID Act) to provide law enforcement with tools to combat
ID counterfeiting. |
Elements of Secure ID
In order to improve document security, it is
important to understand and improve how
an applicant is qualified and how a secure
ID is issued and used. DSA believes any
secure ID infrastructure must include the
following:
Data capture. Obtain the applicant’s
photograph, demographic information,
supporting documents (such as breeder
documents), a digital signature and, if
necessary, appropriate biometrics.
Identification verification. Authenticate
an applicant’s credentials and breeder documents,
and compare select information
against the issuing authority’s databases
or other records (i.e., Social Security
Administration data). Note that privacy best
practices would suggest this be a point-topoint
interaction and not a centralized hub
or repository where personal information
could be accessed.
Secure ID production. Use processes
and technologies that enable secure ID
issuance.
Secure ID credentials. Incorporate a
layered, durable architecture that includes
both difficult-to-counterfeit materials with
sophisticated laminating and finishing
processes and a number of overt, covert
and forensic security features.
Authenticating IDs. Verify, without
infringing on an individual’s personal privacy,
the authenticity of a proffered government-
issued photo ID, no matter where
it was issued, at all various points of
inspection or transaction—public or private
sector.
Facets of Protection
Documents and cards may be secured in a
number of ways, including the use of various
features or devices. Printing techniques—
such as deliberate errors and
flaws, non-standard print fonts, background
printing patterns, microprinting and
rainbow printing—help make documents
more unique and difficult to counterfeit.
Chemically reactive, infrared and ultraviolet
fluorescent inks also are options to consider.
Embedding features like threads and
fibers, taggant and/or markers in materials,
controlled response to UV light, core inclusion,
bonding materials and opacity marks
are high-tech security options for documents
and cards. Optically variable devices
include holograms, color-shifting films,
color-shifting inks, liquid crystals, and
transparent and metallic features.
Additional features—such as biometrics,
embedded images, security laminates, digital
and visual watermarks, and laserengraved
or perforated features—are also
methods to help combat counterfeiters.
Security features and devices protect
documents and assist in proving document
authenticity and/or tamper evidence at
three levels of inspection (some security
features protect the document in more than
one category or level). An overt, Level 1
device supports inspection and examination
without tools or aids and involves easily
identifiable visual or tactile features. A
covert, Level 2 device supports inspection
and examination requiring the use of a tool
or instrument to discern the feature (i.e.,
UV light, magnifying glass, machine-readable
technology reader or scanner). And a
forensic, Level 3 device is used to prove
document genuineness through inspection
and examination or destruction. This level
requires the use of expert training and laboratory
equipment designed to measure
select security features known only to a
few, often for use in case preparation by
law enforcement and for court use.
Document security features facilitate
the task of verification and authentication
by officials and inspectors throughout the world, making the task as easy as possible
under all practical circumstances and conditions.
Documents may then be designed
using information and features that are
“layered” and “linked” on the document.
In addition, security features that selfdestruct
and clearly show evidence of tampering
are highly desirable to protect
against the alteration of data and the reuse
of credentials by forgers.
The information on the various elements
of the document is linked by repetition of all
or a portion of the data in various human and
machine-readable portions. Linking ties one
part of the document to another to authenticate
and secure the document itself. For
example, a birth date, identifying number or
other variable personalized data may appear
in printed fashion as an overt feature and be
repeated in machine-readable bar codes or
covert features that can be automatically
read and matched for consistency to provide
authentication. Criminal counterfeiters and
forgers are defeated by the multiple and varied
features needed to construct a document
that will pass security inspection.
A New Role
Driver’s licenses and ID documents issued
by motor vehicle agencies are used
throughout North America and the world as
a right of access to board airlines, enter
buildings and establish identity by government
and financial institutions, by corporations,
retail and many other agencies
charged with maintaining security and the
identification of individuals.
One of the greatest uses of the driver’s
license is to identify citizens who are
party to a commercial transaction, and
therefore, one of its key duties is to
protect citizens from identity theft and
fraud. In addition, the events of 9/11 and
the 9/11 Commission’s report are leading
to legislative changes in how states
will issue driver’s licenses and ID cards
to support homeland security. States
are still awaiting the final decision from
DHS to find out what the requirements
will be. DSA recommends that several
current functional uses of the DL/ID
documents must continue to be accommodated,
including evidence of the
privilege to drive, identification of the
bearer, age verification, address/residence
verification and automated administrative
processing.
Intelli-Check Inc., a provider of document
verification solutions for driver’s
licenses and ID cards, and DSA have volunteered
to work with DHS and other
agencies to address issues in document
security. DSA members represent the current
and future suppliers of security documents
to a wide range of state and federal
governments and stand ready to provide
security counsel as needed.