IDsGAO: Easily obtained counterfeit IDs present real risks

Child's image on driver's license demonstrates the ease of falsifying documents // Source: fakeidfinder.com

Last Friday, the Government Accountability Office (GAO) released a report, Driver’s License Security - Federal Leadership Needed to Address Remaining Vulnerabilities, in which the agency reports that counterfeit documents can still be used easily to obtain valid driver’s licenses and state-issued identification cards under fictitious identities, and recommended that DHS exert leadership toward correcting the problem.

Brian Zimmer, president of the Coalition for a Secure Driver’s License, stated, “The GAO replicated the same techniques used by the 9/11 terrorists to get more than 30 driver’s license and IDs from state licensing agencies. To obtain a driver’s license with your photo but with someone else’s biographic information or with fictitious information, terrorists need only travel to a state where identification standards are low and service is fast. Terrorists planning future attacks on Americans will be delighted by GAO’s findings, but Congress should be very concerned.”

A coalition release notes that GAO’s investigators obtained five driver’s licenses in three different states under fictitious identities using combinations of name, birth date, and Social Security Numbers together with counterfeit documents. In two states, a GAO investigator was able to obtain two licenses with different identities using the same person’s face. Only in one case did a motor vehicle employee appear to question the validity of the documents being presented, but the GAO investigator was still able to obtain a driver’s license.

Zimmer said, “The investigators exploited cross state information vulnerabilities by using counterfeit driver’s licenses from states other than the ones where they were issued valid driver’s licenses. There’s nothing to stop tomorrow’s terrorists from obtaining valid driver’s licenses in states where a pre-9/11 mentality prioritizes speedy customer service over the careful identity authentication of applicants. There are technological solutions to counter this risk, some of those made possible by federal systems and some from industry. The REAL ID Act identity security standards published in 2008 provide a framework for closing vulnerabilities like those exploited by GAO investigators, but compliance with those rules is voluntary.”

The Coalition for a Secure Driver’s License said it strongly endorses the GAO’s Recommendations for Executive Action (quoted from page 32 of GAO-12-893 Driver’s License Security):

To enhance state driver licensing agencies’ ability to combat driver’s license fraud, consistent with the requirements of the REAL ID Act, we recommend that the Secretary of Homeland Security take the following interim actions while national systems to detect cross-state and birth certificate fraud are being developed:
1. Work with state, federal and other partners to develop and implement an interim strategy for addressing cross-state license fraud. Such a strategy could include, for example, expansion of AAMVA’s photo sharing program or enhanced utilization of SSOLV to identify SSNs that are queried multiple times by different states. This strategy should include plans for sharing best practices and ideas for alternative solutions among the states.
2. Work with states and other partners to develop and implement an interim strategy for addressing birth certificate fraud. Such a strategy could include, for example, coordination between driver licensing agencies and state vital records agencies to verify birth certificates for license applicants born in-state.