Identity document forgery

Identity document forgery

Identity document forgery is the process by which identity documents issued by governing bodies are copied and/or modified by persons not authorized to create such documents or engage in such modifications, for the purpose of deceiving those who would view the documents about the identity or status of the bearer. The term also encompasses the activity of acquiring identity documents from governing bodies by falsifying the required supporting documentation in order to create the desired identity.

Identity documents differ from other credentials in that they are intended only to be usable by the person holding the card. Unlike other credentials, they may be used to restrict the activities of the holder as well as to expand them.

Documents that have been forged in this way include driver's licenses (which historically have been forged or altered as an attempt to conceal the fact that persons desiring to consume alcohol are under the legal drinking age), birth certificates and Social Security cards (likely used in identity theft schemes, or to defraud the government), and passports (used to evade restrictions on entry into a particular country).

Such falsified documents can be used for identity theft, age deception, illegal immigration, and organized crime.

Use scenarios, forgery techniques and security countermeasures

A distinction needs to be made between the different uses of an identity document. In one case, the fake ID may only have to pass a cursory inspection, such as flashing a plastic ID card for a security guard. At the other extreme, a document may have to resist scrutiny by a trained document examiner, who may be equipped with technical tools for verifying biometrics and reading hidden security features within the card. To make forgery more difficult, most modern IDs contain numerous security features that require specialised and expensive equipment to duplicate. School IDs are typicaly easier to fake, as they often do not have the same level of security measures as government-issued IDs.

Modern fake ID cards almost invariably carry a picture of the authorized user, a simple and effective form of biometric identification. However, forgery of simple photographic ID cards has become simple in recent years with the availability of low-cost high-resolution printers and scanners and photo editing software. Simple fake ID cards are commonly made using an inkjet or laser printer to print a replica document which is then laminated to resemble a real ID card. Most designs are made using computer programs, re-creating scanned copies of a license.

More complex ID cards are now being created by printing on a material called Teslin, which is a paper-like material that is actually a micro-porous plastic sheet. When butterfly pouches and holograms are applied, the card is then run through a heat laminator which creates a professional-looking ID card.

Numerous security printing techniques have been used to attempt to enhance the security of ID cards. For example, many modern documents include holograms, which are difficult to replicate without expensive equipment which is not generally available. Though accurate recreation of these holograms is extremely difficult, using a mixture of pigments and base can create a similar shiny multi-coloured look which may pass cursory inspection.

In addition, some documents include a magnetic strip, which will also contain the same information, and may thus be checked against the machine-readable information on the barcode. Magnetic strips may also contain other secret identifying information. Although magnetic strips can also be faked, they provide another barrier to entry for the amateur forger.Other hidden security devices can also be added, including embedded secure cryptoprocessor chips which are designed to be very difficult to forge, and RFID tags: the two technologies may also be combined, in the case of contactless smart cards.

Another effective technique is the use of online verification of security information against a central database. In many cases, online verification can detect simple copying of a document by detecting attempted use in multiple places at the same time, or completely false IDs, as the information on the ID will be found to be invalid. A simple method of confirming that an ID is genuine is to print a serial number on it unique to the card and stored on a centralised database. If checked, it will quickly become clear that the ID is false; either the number on the ID is not registered for the holder, or no ID has the number at all. Online verification also has the advantage that it allows easy revocation of lost or stolen documents.

Many modern credentials now contain some kind of barcode. For example, many U.S. driving licences include a 2-dimensional code in PDF417 format, which contains the same information as on the front of the license. Barcodes allow rapid checking of credentials for low-security applications, and may potentially contain extra information which can be used to verify other information on the card.

Systemic attacks

The combination of multiple high-security features, biometrics, and well-trained document inspectors with technical assistance can be very effective at preventing forgery. However, all of these security techniques can be rendered ineffective if the ID document is a "genuine fake", that is, a genuine document issued under false pretences.

One way of doing this is to present the document issuing authority with false credentials, which they will then endorse by issuing a new document. In this way, false identities and credentials can be "bootstrapped" over a period of time.

Another simpler way of generating false credentials is to suborn one of the officials involved the document issuing process. This may also be combined with the bootstrapping process above to mount complex attacks.

Corruption in the document-issuing process is hard to counter, since as the value of a credential increases, the economic incentives for corruption also increase. This is particularly true in the case of fake ID cards that combine many functions in one document, and for documents which are issued in large numbers, thus requiring many thousands of people to have authorizing powers.

Another systemic attack is to inject false information into the official database, in such a way that the database will recognize fake cards as being real.

External links

* U.S. FTC press release: [ FTC Closes Down Fake I.D. Mill on The Internet]
* CBS News story: [ Sellers of fake immigration papers say they aren't worried about call for tamperproof ID cards]


Wikimedia Foundation. 2010.

Игры ⚽ Поможем написать курсовую

Look at other dictionaries:

  • Identity document — National identity card redirects here. For cards referred to in the English language as national identity card , see National identity card (disambiguation). An identity document (also called a piece of identification or ID, or colloquially as… …   Wikipedia

  • Identity theft — is a form of stealing another person s identity in which someone pretends to be someone else by assuming that person s identity, typically in order to access resources or obtain credit and other benefits in that person s name. The victim of… …   Wikipedia

  • Forgery — is the process of making, adapting, or imitating objects, statistics, or documents (see false document), with the intent to deceive. The similar crime of fraud is the crime of deceiving another, including through the use of objects obtained… …   Wikipedia

  • Questioned document examination — (QDE) is the forensic discipline pertaining to documents that are (or may be) in dispute in a court of law. The primary purpose of forensic document examination is to answer questions about a disputed document using a variety of scientific… …   Wikipedia

  • Hong Kong Identity Card — Hong Kong Permanent Identity card front of HK permanent ID card Traditional Chinese 香港永久性居民身份證 …   Wikipedia

  • Cross-site request forgery — Cross site request forgery, also known as a one click attack or session riding and abbreviated as CSRF (pronounced sea surf[1]) or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that… …   Wikipedia

  • Organized crime — Crime syndicate redirects here. For the DC Comics group of villains, see Crime Syndicate. For other uses, see Organized crime (disambiguation). Al Capone, a name often associated with organized crime …   Wikipedia

  • Coalition for a Secure Driver's License — Abbreviation CSDL Motto Working to Protect The Identity of Every American Formation No …   Wikipedia

  • People smuggling — Over a thousand men, smuggled into Oman, return to Pakistan by boat after they were arrested. South Asians are smuggled into the Middle East each year, but many are caught and sent back. People smuggling (also called human smuggling) is defined… …   Wikipedia

  • 18th Street gang — 18th Street Founded 1959 Years active 1959 – present Territory Mostly in Los Angeles California, the western and southern areas of the United States, Mexico, and Central America …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”