Levels of identity security

Last updated March 17, 2023

The security features governing the security of an identity can be divided into three levels of security, i.e. Level 1 Security (L1S) (Overt), Level 2 Security (L2S) (Covert) and Level 3 Security (L3S) (Forensic). The three levels of security, in combination, provide comprehensive security coverage for identities and related documents to ensure their validity and authenticity. These are typically used to protect identity information on crucial documents such as identity cards, driving licenses and passports to ensure originality and accuracy of the identities they represent. The diagram below illustrates the different levels of security and how they ensure complete security coverage of an identity.

Security levels

Level 1 Security (L1S) SURFACE Data—Level 1 Security provides the lowest level of security. This basic security requirement is referred to as overt security printing methods (or methods needing special optical tools). Overt surface level security features include using ultra violet, threads, watermarks, holograms, security designs, micro text, fibers and other discernible features into the paper substance or on its surface during the paper making process. These are complemented by applied security features, such as OVD's or iridescent stripes, heat sensitive ink, optical variable ink and various high end printing methods or technologies. Printed personalised data is a part of this level of security and are static in nature. With the easy availability of technology today, such security features have become more easily tampered or copied.

L1S features provide the advantage of easy and quick cursory visual verification of identity information without the use of specific or specialized tools. However, an expert with specific tools will be necessary to identify forgeries or tampering. Due to the basic and visual nature of verification of these features, L1S features alone are no longer secure and can, in some instances where poorly implemented, increase the incidences^{[ spelling? ]} of identity theft, abuse and document forgery. In addition, because such features and information printed using L1S are static, there are inherent limitations on the depth and validity of the identity information being protected as well as if such information is most up-to-date.

Level 2 Security (L2S) EMBEDDED Data—Level 2 Security improves upon the physical security mechanisms of Level 1 Security by taking information protection to a covert and embedded level. This prevents casual intruders from gaining access to, for example, encoded confidential information inside an embedded chip or other means of encoding. Technologies at this level include smart chips, magnetic strips, Radio Frequency Identification (RFID), contactless chips or smart chips with embedded identity and biometric data. With the right tools, L2S schemes allows the capability to capture, register and authenticate document holders' identity information and, of late, biometric identity information. The encoded data is limited by the chip memory size and capability. A specialized access mechanism (i.e. the reader and encoder device) is required to obtain access to the relevant data source and write data onto the embedded medium.

L2S has been breached by technological advancements and can no longer be considered as 100% secure. With today's technology, counterfeiting is no longer unusual and identity document information can be potentially tampered, modified, stolen and duplicated into another document to be used for unauthorised or illegal purposes.

Level 3 Security (L3S) FORENSIC Data—Level 3 Security offers the security and integrity of information from the surface level by sight down to the infinitely complex and specialized L3S FORENSIC level. Essentially, L3S will provide as many security levels as needed for any situation by catering to visual inspection of documents as well as L3S FORENSIC checks on identity and security information not readily attainable or viewable unless accessed by FORENSIC tools with the correct levels of authorised access. The ability to apply multiple sub-levels of security is made possible by the concept of centralised (as opposed to localised) and dynamic identity data management by which centralised and forensic security controls can be applied on top of the localised and limited security applications onto an identity document. Tampered and forged identity documents are exposed when centrally retrieved original data of the True Identity reveals discrepancies on the document as well as any latest real-time updated information such as current statuses of a person's identity profile.

Level 3 Security (L3S) is referred to as the most in-depth and highest security level technology for securing identities and identity documents. This focuses around the protection of the one True Identity of each individual and thereby, automatically protecting the related identity documents (conversely, in L1S and L2S schemas, the focus is to protect an identity document to then be able to protect an identity. However, once the identity document's security is breached, the identity it is meant to protect is also automatically compromised). This type of technology has been endorsed by the United Nation Office on Drugs and Crime (UNODC) and the United Nation Global Initiative to Fight Human Trafficking (UN.GIFT).^[1] During the Vienna Forum in 2008,^[2] both the UNODC and UN.GIFT have endorsed that machine readable codes are made difficult to falsify by not storing identity information on the document but, instead, in the source database which is centralized, protected and only accessible via relevant access authorisations and authorized tools. In relation to the UNODC Article 12 of the Legislative Guide for the Implementation of the Protocol to Prevent, Suppress and Punish Tracking in Persons, it stipulates the following:

Several kinds of technology that are new or in the process of being developed offer considerable potential for the creation of new types of document that identify individuals in a unique manner, can be rapidly and accurately read by machines and are difficult to falsify because they rely on information stored in a database out of the reach offenders rather than information provided in the document itself.

United Nations Office on Drugs and Crime

Related Research Articles

<span class="mw-page-title-main">Authentication</span> Act of proving an assertion, often the identity of a computer system user

Authentication is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicating a person or thing's identity, authentication is the process of verifying that identity. It might involve validating personal identity documents, verifying the authenticity of a website with a digital certificate, determining the age of an artifact by carbon dating, or ensuring that a product or document is not counterfeit.

A secure cryptoprocessor is a dedicated computer-on-a-chip or microprocessor for carrying out cryptographic operations, embedded in a packaging with multiple physical security measures, which give it a degree of tamper resistance. Unlike cryptographic processors that output decrypted data onto a bus in a secure environment, a secure cryptoprocessor does not output decrypted data or decrypted program instructions in an environment where security cannot always be maintained.

A smart card, chip card, or integrated circuit card is a physical electronic authentication device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) chip. Many smart cards include a pattern of metal contacts to electrically connect to the internal chip. Others are contactless, and some are both. Smart cards can provide personal identification, authentication, data storage, and application processing. Applications include identification, financial, mobile phones (SIM), public transit, computer security, schools, and healthcare. Smart cards may provide strong security authentication for single sign-on (SSO) within organizations. Numerous nations have deployed smart cards throughout their populations.

Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. An RFID system consists of a tiny radio transponder, a radio receiver and transmitter. When triggered by an electromagnetic interrogation pulse from a nearby RFID reader device, the tag transmits digital data, usually an identifying inventory number, back to the reader. This number can be used to track inventory goods.

<span class="mw-page-title-main">Security printing</span> Field of the printing industry for banknotes and other security products

Security printing is the field of the printing industry that deals with the printing of items such as banknotes, cheques, passports, tamper-evident labels, security tapes, product authentication, stock certificates, postage stamps and identity cards. The main goal of security printing is to prevent forgery, tampering, or counterfeiting. More recently many of the techniques used to protect these high-value documents have become more available to commercial printers, whether they are using the more traditional offset and flexographic presses or the newer digital platforms. Businesses are protecting their lesser-value documents such as transcripts, coupons and prescription pads by incorporating some of the features listed below to ensure that they cannot be forged or that alteration of the data cannot occur undetected.

A digital watermark is a kind of marker covertly embedded in a noise-tolerant signal such as audio, video or image data. It is typically used to identify ownership of the copyright of such signal. "Watermarking" is the process of hiding digital information in a carrier signal; the hidden information should, but does not need to, contain a relation to the carrier signal. Digital watermarks may be used to verify the authenticity or integrity of the carrier signal or to show the identity of its owners. It is prominently used for tracing copyright infringements and for banknote authentication.

Automatic identification and data capture (AIDC) refers to the methods of automatically identifying objects, collecting data about them, and entering them directly into computer systems, without human involvement. Technologies typically considered as part of AIDC include QR codes, bar codes, radio frequency identification (RFID), biometrics, magnetic stripes, optical character recognition (OCR), smart cards, and voice recognition. AIDC is also commonly referred to as "Automatic Identification", "Auto-ID" and "Automatic Data Capture".

Tamper-evident describes a device or process that makes unauthorized access to the protected object easily detected. Seals, markings, or other techniques may be tamper indicating.

Identity document forgery is the process by which identity documents issued by governing bodies are copied and/or modified by persons not authorized to create such documents or engage in such modifications, for the purpose of deceiving those who would view the documents about the identity or status of the bearer. The term also encompasses the activity of acquiring identity documents from legitimate bodies by falsifying the required supporting documentation in order to create the desired identity.

A contactless smart card is a contactless credential whose dimensions are credit-card size. Its embedded integrated circuits can store data and communicate with a terminal via NFC. Commonplace uses include transit tickets, bank cards and passports.

<span class="mw-page-title-main">Tamperproofing</span> Security methodology

Tamperproofing, conceptually, is a methodology used to hinder, deter or detect unauthorised access to a device or circumvention of a security system. Since any device or system can be foiled by a person with sufficient knowledge, equipment, and time, the term "tamperproof" is a misnomer unless some limitations on the tampering party's resources is explicit or assumed.

Extended Access Control (EAC) is a set of advanced security features for electronic passports that protects and restricts access to sensitive personal data contained in the RFID chip. In contrast to common personal data which can be protected by basic mechanisms, more sensitive data must be protected further for preventing unauthorized access and skimming. A chip protected by EAC will allow that this sensitive data is read only by an authorized passport inspection system.

Wireless identity theft, also known as contactless identity theft or RFID identity theft, is a form of identity theft described as "the act of compromising an individual’s personal identifying information using wireless mechanics." Numerous articles have been written about wireless identity theft and broadcast television has produced several investigations of this phenomenon. According to Marc Rotenberg of the Electronic Privacy Information Center, wireless identity theft is a serious issue as the contactless (wireless) card design is inherently flawed, increasing the vulnerability to attacks.

Digital security refers to various ways of protecting a computer's internet account and files from intrusion by an outside user or a hacker.

A human microchip implant is any electronic device implanted subcutaneously (subdermally) usually via an injection. Examples include an identifying integrated circuit RFID device encased in silicate glass which is implanted in the body of a human being. This type of subdermal implant usually contains a unique ID number that can be linked to information contained in an external database, such as identity document, criminal record, medical history, medications, address book, and other potential uses.

The German Identity Card is issued to German citizens by local registration offices in Germany and diplomatic missions abroad, while they are produced at the Bundesdruckerei in Berlin.

The Lebanese identity card is a compulsory Identity document issued to citizens of the Republic of Lebanon by the police on behalf of the Lebanese Ministry of Interior or in Lebanese embassies/consulates (abroad) free of charge. It is proof of identity, citizenship and residence of the Lebanese citizens.

Security tape is a type of adhesive tape used to help reduce shipping losses due to pilfering and theft. It helps reduce tampering or product adulteration. Often it is a pressure sensitive tape or label with special tamper resistant or tamper evident features. It can be used as a ‘’security seal’’ in addition to a container closure or can be used as a security label. They are sometimes used as or with authentication products and can be an anti-pilferage seal.

Evidence packaging involves the specialized packaging methods and materials used for physical evidence. Items need to be collected at a crime scene or a fire scene, forwarded to a laboratory for forensic analysis, put in secure storage, and used in a courtroom, all while maintaining the chain of custody. Items might include DNA, drugs, hair samples, body parts, blood samples, sperm, knives, vomit, firearms, bullets, fire accelerants, computers, checkbooks, etc.

Identity replacement technology is any technology that is used to cover up all or parts of a person's identity, either in real life or virtually. This can include face masks, face authentication technology, and deepfakes on the Internet that spread fake editing of videos and images. Face replacement and identity masking are used by either criminals or law-abiding citizens. Identity replacement tech, when operated on by criminals, leads to heists or robbery activities. Law-abiding citizens utilize identity replacement technology to prevent government or various entities from tracking private information such as locations, social connections, and daily behaviors.

References

↑ "Legislative Guides for the Implementation of the United Nations Convention against Transnational Organized Crime and the Protocol Thereto" (PDF). UNITED NATIONS PUBLICATION. www.un.org.
↑ "The Vienna Forum to fight Human Trafficking 13-15 February 2008, Austria Center Vienna Background Paper" (PDF). UNITED NATIONS PUBLICATION. www.un.org.

External links

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Legislative Guides for the Implementation of the United Nations Convention against Transnational Organized Crime and the Protocol Thereto" (PDF). UNITED NATIONS PUBLICATION. www.un.org.

[2] "The Vienna Forum to fight Human Trafficking 13-15 February 2008, Austria Center Vienna Background Paper" (PDF). UNITED NATIONS PUBLICATION. www.un.org.

[1]

[2]

Levels of identity security

Contents

Security levels

See also

Related Research Articles

References

External links