Forging Ahead

New technologies, best practices outwit document counterfeiters

As countless counterfeiting successes have demonstrated, depending solely upon a visual inspection for verification of a document is not sufficient. Equipment and tools are available today that put counterfeiting ability in the hands of those who previously did not have the appropriate graphic or printing skills, making law enforcement’s efforts to stop this crime much more difficult.

The continuing sophistication of desktop color printers, color laser copiers, highresolution color scanners, imaging and editing software and digital cameras, coupled with the exchange of information on the Internet, has put document counterfeiting, alteration and photo substitution capabilities into the realm of the general public. As a result, the ease of obtaining fraudulent identification and phony breeder documents of usable quality has greatly increased, as has the need for additional layers of security to be incorporated in the document. The variety of identification document formats also has made the visual authentication by humans more difficult and often insufficient to detect fraud. To ensure the ability to discern authentic documents, the use of machine-readable technologies is increasingly necessary.

Current Efforts
The key to machine-readable technology is interoperability, meaning that the technology should be readable on a global scale. Interoperability of document information is essential in any environment where the receiving party or agency is different from the issuer. Common sets of operating rules must be in place to ensure that documents can be accepted and their authenticity validated. Cost-appropriate technologies that secure the assessed risks and threats are required.

Today, most U.S. driver’s licenses use one or more machine-readable features, including 2-D bar codes—which are used by most jurisdictions—digital watermarks and magnetic stripes. This does not preclude the continued use of any other machine-readable technology or the addition of others as technology develops.

The Document Security Alliance was created by government agencies, private industry and academia to identify methods to improve security documents and related security procedures to combat the growing use of counterfeit documents in identity theft and fraud, terrorism, illegal purchases of controlled substances and firearms, illegal immigration and other criminal acts. Recognizing the need to continuously improve document security and the issuance process to combat new and existing threats, DSA is dedicated to educating those responsible for secure document issuance, distribution and use on the value of improving the security and reliability of ID documents. The group is committed to developing recommendations to appropriate federal and state government agencies, private industry and policymakers to improve the processes and procedures surrounding document security.

DSA membership consists of more than a dozen government agencies and organizations (including the Secret Service, Transportation Security Administration, Department of Homeland Security, Social Security Administration, Federal Bureau of Investigation, Food and Drug Administration, and Departments of Treasury and State), as well as more than 75 companies participating in the document security area. Private-sector entities and trade associations primarily represent the credentialing industry, including systems integrators, card manufacturers, secure printing companies, printer manufacturers, security features producers and biometric providers.

Credentialing Best Practices

The Document Security Alliance has identified a number of best practices that have already been implemented by government issuers of photo IDs in some sectors within the United States.

• Upgrade requirements in obtaining and authenticating breeder documents (birth certificates, Social Security cards, driver’s licenses) used in issuing IDs.

• Incorporate new technologies to enable cross-jurisdictional point-of-inspection machine-readable ID authentication, allowing for quick verification of the ID.

• Move toward issuance of IDs from secure facilities to enable verification processes and provide better control over materials and security features.

• Establish systems for facial recognition-based image identity verification.

• Implement capabilities for cross-database applicant verification.

• Shorten issuance and validity periods to ensure accurate records and enable security feature renewal/upgrade.

• Provide appropriate resources, training and equipment to state DMVs and other government-issuing authorities to upgrade issuance, authentication and verification processes and incorporate new security features.

• Establish laws (e.g., SAFE ID Act) to provide law enforcement with tools to combat ID counterfeiting.

Elements of Secure ID
In order to improve document security, it is important to understand and improve how an applicant is qualified and how a secure ID is issued and used. DSA believes any secure ID infrastructure must include the following:

Data capture. Obtain the applicant’s photograph, demographic information, supporting documents (such as breeder documents), a digital signature and, if necessary, appropriate biometrics.

Identification verification. Authenticate an applicant’s credentials and breeder documents, and compare select information against the issuing authority’s databases or other records (i.e., Social Security Administration data). Note that privacy best practices would suggest this be a point-topoint interaction and not a centralized hub or repository where personal information could be accessed.

Secure ID production. Use processes and technologies that enable secure ID issuance.

Secure ID credentials. Incorporate a layered, durable architecture that includes both difficult-to-counterfeit materials with sophisticated laminating and finishing processes and a number of overt, covert and forensic security features.

Authenticating IDs. Verify, without infringing on an individual’s personal privacy, the authenticity of a proffered government- issued photo ID, no matter where it was issued, at all various points of inspection or transaction—public or private sector.

Facets of Protection
Documents and cards may be secured in a number of ways, including the use of various features or devices. Printing techniques— such as deliberate errors and flaws, non-standard print fonts, background printing patterns, microprinting and rainbow printing—help make documents more unique and difficult to counterfeit. Chemically reactive, infrared and ultraviolet fluorescent inks also are options to consider. Embedding features like threads and fibers, taggant and/or markers in materials, controlled response to UV light, core inclusion, bonding materials and opacity marks are high-tech security options for documents and cards. Optically variable devices include holograms, color-shifting films, color-shifting inks, liquid crystals, and transparent and metallic features. Additional features—such as biometrics, embedded images, security laminates, digital and visual watermarks, and laserengraved or perforated features—are also methods to help combat counterfeiters.

Security features and devices protect documents and assist in proving document authenticity and/or tamper evidence at three levels of inspection (some security features protect the document in more than one category or level). An overt, Level 1 device supports inspection and examination without tools or aids and involves easily identifiable visual or tactile features. A covert, Level 2 device supports inspection and examination requiring the use of a tool or instrument to discern the feature (i.e., UV light, magnifying glass, machine-readable technology reader or scanner). And a forensic, Level 3 device is used to prove document genuineness through inspection and examination or destruction. This level requires the use of expert training and laboratory equipment designed to measure select security features known only to a few, often for use in case preparation by law enforcement and for court use.

Document security features facilitate the task of verification and authentication by officials and inspectors throughout the world, making the task as easy as possible under all practical circumstances and conditions. Documents may then be designed using information and features that are “layered” and “linked” on the document. In addition, security features that selfdestruct and clearly show evidence of tampering are highly desirable to protect against the alteration of data and the reuse of credentials by forgers.

The information on the various elements of the document is linked by repetition of all or a portion of the data in various human and machine-readable portions. Linking ties one part of the document to another to authenticate and secure the document itself. For example, a birth date, identifying number or other variable personalized data may appear in printed fashion as an overt feature and be repeated in machine-readable bar codes or covert features that can be automatically read and matched for consistency to provide authentication. Criminal counterfeiters and forgers are defeated by the multiple and varied features needed to construct a document that will pass security inspection.

A New Role
Driver’s licenses and ID documents issued by motor vehicle agencies are used throughout North America and the world as a right of access to board airlines, enter buildings and establish identity by government and financial institutions, by corporations, retail and many other agencies charged with maintaining security and the identification of individuals.

One of the greatest uses of the driver’s license is to identify citizens who are party to a commercial transaction, and therefore, one of its key duties is to protect citizens from identity theft and fraud. In addition, the events of 9/11 and the 9/11 Commission’s report are leading to legislative changes in how states will issue driver’s licenses and ID cards to support homeland security. States are still awaiting the final decision from DHS to find out what the requirements will be. DSA recommends that several current functional uses of the DL/ID documents must continue to be accommodated, including evidence of the privilege to drive, identification of the bearer, age verification, address/residence verification and automated administrative processing.

Intelli-Check Inc., a provider of document verification solutions for driver’s licenses and ID cards, and DSA have volunteered to work with DHS and other agencies to address issues in document security. DSA members represent the current and future suppliers of security documents to a wide range of state and federal governments and stand ready to provide security counsel as needed.

Featured

Featured Cybersecurity

Webinars

New Products

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3