Saturday, March 14, 2009

Passport security broken?

It's always wise to take GAO reports with a grain of salt, especially since this one seems to have been leaked, not published. But it doesn't sound good. GAO managed to get four blatantly (and checkably) false passport applications approved by the State Department.

If we can't rely on the State Department to perform good fraud checks, then the rest of our system for keeping terrorists out of the country and preventing identity theft collapses. Yet the political and bureaucratice incentives are for the Passport Office are to crank the passports out, not to spend extra money on security that will slow down passport issuance. The State Department's less than encouraging response:

State Department spokesman Richard Aker said the agency regrets that it issued these four passports, adding that "the truth is that this was human error."

Aker did also point to plans to use facial recognition software and to get access to state drivers license data, both of which are helpful but not completely responsive to the GAO report (again, as leaked, so caution is appropriate).

1 comment:

Jim said...

This is why relying on any "in the wild" document to identify someone is flawed. I would gladly give the SSA, DHS, and State Department my fingerprints to lock down my identity. That way, someone else can't show up and steal my identity/benefits/retirement/reputation with just my SSN and some data easily found in public records or on Facebook!

If they let me use my fingerprints to protect my identity, then I could prove who I am anywhere, anytime, without having to carry an ID. Someone else couldn't use my SSN to get access to my credit, vote under my name, or hijack my certifications to obtain work. Plus, they can tell if someone tries to obtain multiple IDs like this GAO investigator did - the fingerprints would match one another.

Most states already collect prints for drivers' licenses. We drive around with our license plates being captured by cameras, our EZ Pass cards ticking off where we drive, and our cell phones telling our every move. Isn't it time to let those of us without tinfoil hats leverage better ways to protect our identity and root out fraud?