You might well ask why misery guts like me keep going on about identity infrastructure in our cold, calculating plan to impinge on the gaiety of the nation by consigning stories like this to the dustbin of history.
A transsexual Jordan fan who stalked the glamour model is facing jail after admitting to stealing thousands of pounds from [Katie Price] using identity theft. Kerry Marshall, 18, who is currently undergoing a sex change to become a woman, managed to con a series of bank tellers into believing she was the television star.[From Teenage transsexual tricked bank staff into thinking she was Katie Price to steal thousands of pounds from the model | Mail Online]
Amazing. Absolutely amazing. Note for foreign viewers: “Katie Price” is the pseudonym of a female English topless glamour model called Jordan. She is famous for having enormous fake breasts and better known to the average Brit than the Prime Minister (you think I’m joking – sadly I’m not), which is why the story is so staggering. Although I would be hard pressed to tell Jordan from last year’s Big Brother runner-up or employee of the month at Spearmint Rhino, you would have thought that bank staff charged with KYC responsibilities might have done a little better.
But then perhaps I’m being too harsh. Even when you make people jump through hoops to “prove” who they are (in the absence of any actual working identity infrastructure), you can still get it wrong.
the administrator of an account allegedly belonging to Wendi Deng Murdoch, which briefly received the Verified Badge after launching on Sunday, admitted that she was not, in fact, the wife of News Corp. Chairman and CEO Rupert Murdoch[From Fake Wendi Deng account casts doubt on Twitter verification | FP Passport]
I’d be very suspicious of someone claiming to be a famous Chinese person tweeting from China — for one thing, Twitter is banned — and I’m not condoning pretending to be other people (although I wholly condone pseudonymous access). In fact, giving a fake name may sometimes have disastrous consequences, especially in environments where semi-automated systems are put on top of an unsuitable infrastructure. And it’s by no means clear that biometrics are a help here.
She gave Houston police a fake name. When police in Houston ran that name, it belonged to a 22-year-old illegal immigrant from Colombia, who had warrants for her arrest… News 8 has learned [officials] took the girl’s fingerprints, but somehow didn’t confirm her identity and deported her to Colombia, where the Colombian government gave her a work card and released her.[From Dallas teen missing since 2010 was mistakenly deported | wfaa.com Dallas – Fort Worth]
Reading this reminded me, as so many stories about identity, of the fabulous Terry Gilliam film “Brazil“. There’s a big difference between using a false identity, using a pseudonym and using multiple identities. I must say, I have occasionally been tempted to use a false identity, generally in the queue for immigration at Heathrow airport. I thought that claiming to be an asylum seeker from the Caucasus and getting myself sent to the Home Office in Croydon might be quicker than waiting in line.
Alvarado told Salt Lake City police, a Utah state courts judge and federal immigration officials that he was actually Saul Quiroz and had emigrated from Mexico illegally. At the time, Alvarado was facing up to 15 years in prison for the possession of cocaine and heroin with the intent to distribute. Instead of going to prison, Alvarado was deported to Mexico based on his false identity, according to court records. But he then returned to the United States using his American passport[From Man Avoids Jail By Faking Illegal Immigrant Status | Fox News]
Maybe the thing to do is to fingerprint everyone entering the US. After all, Japan is very happy with its system for fingerprinting non-citizens.
As a result of the collection of this personal data, which began at the inception of this program, the number of foreigners who were issued deportation orders or became targets for the implementation of compulsory deportation orders exceeded 1,600 before the end of February 2010.[From Fingerprint all Japanese, for safety’s sake | The Japan Times Online]
Oh wait, I just remembered that the US does fingerprint all of us foreigners who enter the country.
A doctor from the Dominican Republic was convicted and sentenced in Boston on Thursday of offering to surgically alter the fingerprints of illegal aliens, the Department of Justice said.[From Doctor convicted of surgery to alter immigrant fingerprints | Reuters]
As a corollary, if you did base security on fingerprinting everyone entering the US, you would naturally be very suspicious of anyone who didn’t have one, and suspect them to be a drug-smuggler from the Dominican republic.
A cancer patient was detained for hours at the US Customs because a cancer drug he was taking had caused his fingerprints to disappear.[From The curious case of the missing fingerprints]
I know, I know, these are rare cases. As a general rule, the easiest way to stop people from impersonating famous topless models and accessing their bank account is not, as deluded technologists might think, to have a working financial services identity infrastructure with federated identity and two-factor authentication, but to demand biometric identification documentation. Not that the bank can either verify it or even assess whether it is real or not.
A German manager with Mercedes-Benz is free after being arrested for not having a driver’s license with him under Alabama’s new law targeting illegal immigrants… an officer stopped a rental vehicle for not having a tag Wednesday night and asked the driver for his license. The man only had a German identification card, so he was arrested and taken to police headquarters, Anderson said.[From Mercedes manager from Germany arrested on Alabama immigration charge | timesfreepress.com]
Funny. But how would a US bank verify a German ID card or a UK bank verify a US driving licence? The answer is, of course, that they don’t. The take a photocopy of the biometrics identity document in order to comply with KYC regulations and then put it in a file somewhere.
Setting aside Jordan, Mexican immigrants and Dominican finger fakers, we really do need to do something. I ran into a problem the other day in the US because I always leave my “valuable” documents locked up in the safe in my hotel – I never carry either my passport or driving licence around with me. For goodness’ sake, it isn’t North Korea. But I couldn’t buy something in a store because I was asked to show ID in order to use my credit card and I didn’t have any idea with me. There really is, as Adam Banks, the Visa Europe CTO said, a crisis in identity.
These are personal opinions and should not be misunderstood as representing the opinions of
Consult Hyperion or any of its clients or suppliers
Not sure if it’s a good thing or a bad thing but the US does not require Canadians to be fingerprinted when entering the country (US-VISIT / digital fingerscans and photography don’t apply to Canucks or Yanks).