One might argue that the most important thing to conquer in the 21st century is cancer, but the protection of individual identity ranks right up there.
In fact, here is what Michael Chertoff, the former chief of the Department of Homeland Security, says: “In the 21st century, the most important asset that we have to protect as individuals and as part of our nation is the control of our identity, who we are, how we identify ourselves, whether other people are permitted to masquerade and pretend to be us, and thereby damage our livelihood, damage our assets, damage our reputation, damage our standing in our community.”
As our society becomes more technologized, the potential for identity theft grows, and we increasingly lose our ability to be truly verified or authenticated — all 7 billion of us on this planet — as we use thousands of various forms of identification, but with little security.
For instance, the Social Security number for Americans is like dander: It’s everywhere, even for sale online. Fake IDs are sold as easily as bottles of soda. Credit is open for grabs. There’s no one-version-only standard for birth certificates. The driver’s license doubles as an ID document.
Identity is a simple idea that’s become a complex problem due to fraud and the ease of account takeover.
The Social Security card is currently our national identification card that’s not supposed to be used for identification at all.
A 1988 New York Times story notes: For many years, Social Security cards carried an admonition that they were to be used “for Social Security and tax purposes — not for identification.” That assurance rings hollow today. Congress has authorized so many uses of the nine-digit number, and Americans use it for so many unauthorized purposes.
Many privacy advocates scream in horror about a national ID. Fact is, we already have a national ID: the Social Security number.
We have as many as 200 forms of ID circulating from state to state, plus another 14,000 birth certificates and 49 versions of the Social Security card. We use “for-profit” third-party information brokers, the lowly vital statistics agency and county court clerks who work for each state to manage the data.
All of these documents can be compromised by a good scanner and inkjet printer.
Small, specific segments of society such as airport employees are first in line to be identified through a process called identity proofing (proving identity).
Authentication is the ability to verify the identity of an individual based on their unique characteristics: a positive ID, possible only with a biometric.
A biometric can be either static (anatomical, physiological) or dynamic (behavioral). Examples of static: iris, fingerprint, facial characteristic, DNA. Examples of dynamic: voice, keyboard, signature, maybe gait.
Verification is used when the identity of a person cannot be definitely established. Technologies used provide real-time assessment of the validity of an asserted identity. We don’t know who the individual is, but we try to get as close as possible to verifying his or her asserted identity.
A secure national ID can be established in an encrypted smart-chipped card that encompasses biometrics and dynamic biometrics. The United Arab Emirates is light years ahead of the U.S. with a smart card that fixes a lot of these problems.
Privacy is not the issue here. It’s only an illusion that there is currently or ever was true privacy. Security is paramount. In order to participate in society, to be granted credit, to be granted freedom to roam in a civil society under rules and laws, you need to prove you can or are behaving yourself and that begins with identifying who you are.
Robert Siciliano is CEO of IDTheftSecurity.com and author of “99 Things You Wish You Knew Before … Your Identity Was Stolen.”
