This article may be too technical for most readers to understand.(July 2013) |
The security features governing the security of an identity can be divided into three levels of security, i.e. Level 1 Security (L1S) (Overt), Level 2 Security (L2S) (Covert) and Level 3 Security (L3S) (Forensic). The three levels of security, in combination, provide comprehensive security coverage for identities and related documents to ensure their validity and authenticity. These are typically used to protect identity information on crucial documents such as identity cards, driving licenses and passports to ensure originality and accuracy of the identities they represent. The diagram below illustrates the different levels of security and how they ensure complete security coverage of an identity.
Several kinds of technology that are new or in the process of being developed offer considerable potential for the creation of new types of document that identify individuals in a unique manner, can be rapidly and accurately read by machines and are difficult to falsify because they rely on information stored in a database out of the reach offenders rather than information provided in the document itself.
Authentication is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicating a person or thing's identity, authentication is the process of verifying that identity. It might involve validating personal identity documents, verifying the authenticity of a website with a digital certificate, determining the age of an artifact by carbon dating, or ensuring that a product or document is not counterfeit.
A secure cryptoprocessor is a dedicated computer-on-a-chip or microprocessor for carrying out cryptographic operations, embedded in a packaging with multiple physical security measures, which give it a degree of tamper resistance. Unlike cryptographic processors that output decrypted data onto a bus in a secure environment, a secure cryptoprocessor does not output decrypted data or decrypted program instructions in an environment where security cannot always be maintained.
A smart card, chip card, or integrated circuit card is a physical electronic authentication device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) chip. Many smart cards include a pattern of metal contacts to electrically connect to the internal chip. Others are contactless, and some are both. Smart cards can provide personal identification, authentication, data storage, and application processing. Applications include identification, financial, mobile phones (SIM), public transit, computer security, schools, and healthcare. Smart cards may provide strong security authentication for single sign-on (SSO) within organizations. Numerous nations have deployed smart cards throughout their populations.
Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. An RFID system consists of a tiny radio transponder, a radio receiver and transmitter. When triggered by an electromagnetic interrogation pulse from a nearby RFID reader device, the tag transmits digital data, usually an identifying inventory number, back to the reader. This number can be used to track inventory goods.
Security printing is the field of the printing industry that deals with the printing of items such as banknotes, cheques, passports, tamper-evident labels, security tapes, product authentication, stock certificates, postage stamps and identity cards. The main goal of security printing is to prevent forgery, tampering, or counterfeiting. More recently many of the techniques used to protect these high-value documents have become more available to commercial printers, whether they are using the more traditional offset and flexographic presses or the newer digital platforms. Businesses are protecting their lesser-value documents such as transcripts, coupons and prescription pads by incorporating some of the features listed below to ensure that they cannot be forged or that alteration of the data cannot occur undetected.
A digital watermark is a kind of marker covertly embedded in a noise-tolerant signal such as audio, video or image data. It is typically used to identify ownership of the copyright of such signal. "Watermarking" is the process of hiding digital information in a carrier signal; the hidden information should, but does not need to, contain a relation to the carrier signal. Digital watermarks may be used to verify the authenticity or integrity of the carrier signal or to show the identity of its owners. It is prominently used for tracing copyright infringements and for banknote authentication.
Automatic identification and data capture (AIDC) refers to the methods of automatically identifying objects, collecting data about them, and entering them directly into computer systems, without human involvement. Technologies typically considered as part of AIDC include QR codes, bar codes, radio frequency identification (RFID), biometrics, magnetic stripes, optical character recognition (OCR), smart cards, and voice recognition. AIDC is also commonly referred to as "Automatic Identification", "Auto-ID" and "Automatic Data Capture".
Tamper-evident describes a device or process that makes unauthorized access to the protected object easily detected. Seals, markings, or other techniques may be tamper indicating.
Identity document forgery is the process by which identity documents issued by governing bodies are copied and/or modified by persons not authorized to create such documents or engage in such modifications, for the purpose of deceiving those who would view the documents about the identity or status of the bearer. The term also encompasses the activity of acquiring identity documents from legitimate bodies by falsifying the required supporting documentation in order to create the desired identity.
A contactless smart card is a contactless credential whose dimensions are credit-card size. Its embedded integrated circuits can store data and communicate with a terminal via NFC. Commonplace uses include transit tickets, bank cards and passports.
Tamperproofing, conceptually, is a methodology used to hinder, deter or detect unauthorised access to a device or circumvention of a security system. Since any device or system can be foiled by a person with sufficient knowledge, equipment, and time, the term "tamperproof" is a misnomer unless some limitations on the tampering party's resources is explicit or assumed.
Extended Access Control (EAC) is a set of advanced security features for electronic passports that protects and restricts access to sensitive personal data contained in the RFID chip. In contrast to common personal data which can be protected by basic mechanisms, more sensitive data must be protected further for preventing unauthorized access and skimming. A chip protected by EAC will allow that this sensitive data is read only by an authorized passport inspection system.
Wireless identity theft, also known as contactless identity theft or RFID identity theft, is a form of identity theft described as "the act of compromising an individual’s personal identifying information using wireless mechanics." Numerous articles have been written about wireless identity theft and broadcast television has produced several investigations of this phenomenon. According to Marc Rotenberg of the Electronic Privacy Information Center, wireless identity theft is a serious issue as the contactless (wireless) card design is inherently flawed, increasing the vulnerability to attacks.
Digital security refers to various ways of protecting a computer's internet account and files from intrusion by an outside user or a hacker.
A human microchip implant is any electronic device implanted subcutaneously (subdermally) usually via an injection. Examples include an identifying integrated circuit RFID device encased in silicate glass which is implanted in the body of a human being. This type of subdermal implant usually contains a unique ID number that can be linked to information contained in an external database, such as identity document, criminal record, medical history, medications, address book, and other potential uses.
The German Identity Card is issued to German citizens by local registration offices in Germany and diplomatic missions abroad, while they are produced at the Bundesdruckerei in Berlin.
The Lebanese identity card is a compulsory Identity document issued to citizens of the Republic of Lebanon by the police on behalf of the Lebanese Ministry of Interior or in Lebanese embassies/consulates (abroad) free of charge. It is proof of identity, citizenship and residence of the Lebanese citizens.
Security tape is a type of adhesive tape used to help reduce shipping losses due to pilfering and theft. It helps reduce tampering or product adulteration. Often it is a pressure sensitive tape or label with special tamper resistant or tamper evident features. It can be used as a ‘’security seal’’ in addition to a container closure or can be used as a security label. They are sometimes used as or with authentication products and can be an anti-pilferage seal.
Evidence packaging involves the specialized packaging methods and materials used for physical evidence. Items need to be collected at a crime scene or a fire scene, forwarded to a laboratory for forensic analysis, put in secure storage, and used in a courtroom, all while maintaining the chain of custody. Items might include DNA, drugs, hair samples, body parts, blood samples, sperm, knives, vomit, firearms, bullets, fire accelerants, computers, checkbooks, etc.
Identity replacement technology is any technology that is used to cover up all or parts of a person's identity, either in real life or virtually. This can include face masks, face authentication technology, and deepfakes on the Internet that spread fake editing of videos and images. Face replacement and identity masking are used by either criminals or law-abiding citizens. Identity replacement tech, when operated on by criminals, leads to heists or robbery activities. Law-abiding citizens utilize identity replacement technology to prevent government or various entities from tracking private information such as locations, social connections, and daily behaviors.