About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« ID and payments | Main | Imperfect crime »

Fit and counterfeit

By Dave Birch posted Dec 24 2009 at 10:15 AM

[Dave Birch] When the first Bank of England banknotes were issued in June 1694, they must have seemed pretty secure, with their fancy engraving and the handwritten signatures. It must have been a bit of a shock in August 1694 when the first counterfeits were detected. Or should I say that the first counterfeits bad enough to be detected were detected. One of the problems that plagued the Royal Mint at that time was that the machinery to make notes and coins was being stolen by corrupt employees and sold to the criminal underworld. The machines were not really producing counterfeits, because they were the same plates and dies as being used in the mint, they were producing unauthorised versions. Banknotes have evolved a bit since then, but given the regularity of the stories about North Korea "supernotes", the counterfeiters have kept pace.

North Korea has been producing “super notes,” counterfeit 100-dollar bills practically indistinguishable from legal tender, even since 2007 when the U.S. released North Korea from financial sanctions. North Korea has also tried to bring some of the notes into South Korea.

[From Daily NK - Super Notes Still in Production]

There's no need to get Korean ultraforgers on board so far as the new UK national identity card goes. In fact, our indigenous forgers have been doing an excellent job, selling first-class forgeries of the UK ID card even before the UK ID card existed. Why they are bothering is not entirely clear.

Darren McTeggart tried to use the £30 card to pick up a replacement credit card from a branch of Santander – formerly Abbey – in Manchester, where the scheme was rolled out on a voluntary basis last year. Mr McTeggart, one of the first people to get the card, said: “They said it was not on their list of approved ID.

[From Man can't prove ID with ID card - Telegraph]

I'm sure this is just a hiccough. But how are indigenous ultraforgers creating their dastardly fake ID cards? Are they breaking into the government's factories and stealing the chips? Have they got corrupt insiders working for them? Sadly, nothing that interesting. It's apparently so easy to forge documents like this that the police are now asking the companies who sell printers to report suspicious customers, much as banks have to do when opening new accounts.

U.K. police are trying to get wider participation from printer manufacturers and makers of specialist equipment in a voluntary program designed to cut off criminals from the tools they need to make fraudulent passports and ID cards.

[From UK Police Engage Print Industry to Stop Fake IDs - PCWorld Business Center]

Oh come on. You can't seriously tell me that criminals can just walk into PC World and buy printers that can produce a fake ID card? I don't believe that for a moment. Oh, wait...

The Met has shut at least 20 [fake ID] “factories” in the last 18 months and believes more than 30,000 fake identities are in circulation. Police examined 12,000 of them and established they were behind a racket worth £14 million. One £750 printer was withdrawn from sale at PC World after detectives revealed it could produce replicas of the proposed new ID card and EU driving licences.

[From Police war on fake ID factories as fraudsters net millions | News]

Whoops. I'm sure this isn't what former Home Secretary David Blunkett had in mind when he was outlined his plans for the national ID card way back whenever.

I see that this same problem is in the news down under, where fake IDs are being produced on machines stolen from the government agency responsible for producing driving licences. As far as I can see from googling, the main market for the not-counterfeit IDs is teenage would-be drinkers, so why should we be worried about it?

The reason why this is so much of a problem is that once we have decided to have a single ID, a single source of truth about an individual, then our defences are down. Provided they have a plausible ID that can get through the "gate" then they are never questioned again behind the wall. They're not getting through the gate in the Norther Territories though:

SCANNERS have been given to every Territory pub and club to catch underage revellers trying to sneak in with fake IDs after the end of school exams. The handheld device flashes a blue light on to the licence and illuminates where the date of birth has been scratched off.

[From Fake ID fight | Northern Territory News | Darwin, Northern Territory, Australia | ntnews.com.au]

The moral of this story is that if there is going to a be a single token to determine some credential or other, then the "relying party" must be a given a machine to determine whether the token (as well as the credential) is valid or not. An ID card scheme is worse than useless without ID card readers, for example.

Currently no police stations, border entry points or job centres have readers for the card's biometric chip, the Identity and Passport Service (IPS) revealed in response to an FoI (Freedom of Information) request by silicon.com about the £4.7bn identity cards scheme.

[From Exclusive: ID cards are here - but police can't read them | Public Sector | silicon.com]

It certainly seems strange that the Home Office and their management consultants might design a several billion pound card-based system without any readers, so there must be some logical explanation. Perhaps they are going to order some readers when a threshold number of cards (let's say a million) are in circulation, in which case criminals would be well advised to use their fake cards to open bank accounts and get new jobs before this point is reached.

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]


TrackBack URL for this entry:

Listed below are links to weblogs that reference Fit and counterfeit:


The comments to this entry are closed.