Identity verification in the private sector Chris Gration 30 March 2006 What is identity? DRAFT Identity – (noun) (1) the fact of being who or what a person or thing is. (2) the characteristics determining this. Latin idem – the same (Concise OED) The identity of an individual has a number of aspects: e.g., his/her given name (which of course may change), date of birth, place of birth. Other facts about an individual accumulate over time (the so-called electronic “footprint”): e.g., family circumstances and addresses, employment and business career, contacts with the authorities or with other financial sector firms, physical appearance. UK Joint Money Laundering Steering Group 5.3.1 • • • • Identity is an artefact, and also a function or process. The law assumes that each individual has a single, continuous identity as a natural person – a ‘true identity’. The law assumes that true identity is accessible. In practice it is not, but it may be approximated. A range of identity recognition processes can attempt to approximate true identity. All are fallible, and no practical recognition process is unconditionally the best. 2 Identity & probability DRAFT Identity recognition – establishing ‘true identity’ – is always a probabilistic process. Identity recognition evidence may include: Biometric (fingerprints, voice, retina, facial structure and DNA) Attributed (birth name, date of birth, parent’s details) Biographical (evidence of social interaction such as credit history, educational certificates, electoral registration) (Identity Fraud: A Study, UK Cabinet Office 2002) The outcome of the identity recognition process can be defined as a probability. Is this John? (90% accurate) + Is this Smith? (95% accurate) = Is this John Smith? (99.5% accurate) 3 DRAFT Identity and probability Identity recognition is always fallible. Even if the data is infallible, the mechanism to collect and assess it is fallible. More attributes can be added to the recogniser to decrease the probability of error. The recognition and the decision processes are separable. The same recogniser can be used for different decision contexts by adjusting the certainty threshold depending on costs and risks. Raising the certainty threshold will increase both the hit rate (frauds detected) and the false alarm rate (nonfrauds flagged as frauds). Recogniser Recognition Low consequence decision High consequence decision Decision Low threshold High threshold Low hits Low FAs High hits High FAs 4 Risk – valid ID validly claimed DRAFT Testing validity of claim to an ID is the most difficult claim for verification processes. It requires detecting ID frauds (either ID takeover of a valid ID, or synthetic creation of a valid ID). Face to face verification (facial recognition) may be considerably less effective than remote, algorithmic processes. More than 50% of unfamiliar faces were not matched to photo IDs in one study.1 1. Kemp, Towell and Pike “When seeing should not be believing: photographs, credit cards and fraud” Applied Cognitive Psychology Vol 11 211-222 1997 Best case Detection rate False Alarm % of frauds detected % of non-frauds rejected 66% 7% 34% 14% Easiest to detect fraud Worst case Hardest to detect fraud 5 DRAFT Electronic ID verification ID claim Electronic ID verification is a remote, algorithmically integrated ID recognition process eID tests evidence from the ID claim, with elements of biographical and attributed evidence stored digitally in datasets. The key elements of eID are data, a matching process, and a scoring layer to integrate a probability. eID differs from Document Verification in its goal: document verification seeks only to verify that a document is validly issued. It may be a source of evidence for ID verification. Electronic ID and Electronic document verification may both operate remotely and using algorithmic integration of the evidence. Algorithmic integration may in many circumstances be superior to manual integration: Matching process Internal & cross checks Integration layer Score It permits integration of a very large number of evidence variables consistently 6 Comparison of UK and DRAFT Australian data sources available Australia United Kingdom Yes Yes Yes Yes Yes No Yes Yes Yes Yes No Yes Yes Yes Yes Yes Post office re-directions No Yes Watch lists Yes Yes Aliases Yes Yes Data set Consumer credit records Public record information Companies information Electoral roll Telephone numbers Deaths ID Fraud information Postal addresses 7 Privacy issues DRAFT We need to clarify public interest in identity verification matching is not disclosure how consent can be made meaningful consistent guidance for use of public registers 8