Identity verification in the private sector Chris Gration 30 March 2006.

Slides:



Advertisements
Similar presentations
Dr. Marc Valliant, VP & CTO
Advertisements

Stephen Upton – 2 June 2005EURIM Personal Identity Working Group Secure identity – a personal view Stephen Upton Office: Mobile:
AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.
BIOMETRICS, CCTV & DATA PROTECTION By Drudeisha Madhub Data Protection Commissioner Date:
European Electronic Identity Practices Country Update of …………… Speaker: Date:
Enter date here Authenticate Pro Helen Clift 15 th November 2005.
New Products for the Public Sector The products that will change your work life Presented by: Derek O’Halloran Date: 14 th June 2007.
Chapter 9 Creating and Maintaining Database Presented by Zhiming Liu Instructor: Dr. Bebis.
Red Flags 101. What It’s All About Section’s 114 and 315 of the FACT Act were implemented in October 2007 and became effective January 1, These.
RMG:Red Flags Rule 1 Regal Medical Group Red Flags Rule Identify Theft Training.
 Federal Trade Commission (FTC)  Final Regulations issued November, 2007 › Effective 1/1/08 › Compliance and Enforcement Date 11/1/08  Enforcement.
Department of Labor HSPD-12
Governor’s Commission on Volunteerism & Community Service volunteerflorida.org AmeriCorps Background Check101  NATIONAL SERVICE CRIMINAL HISTORY CHECK.
Christian Vargas. Also known as Data Privacy or Data Protection Is the relationship between collection and spreading or exposing data and information.
Discussion on SA-500 – AUDIT EVIDENCE
BANK WIZARD Bank account verification Presented by: Aidan Sparrowhawk Date: 18 th September 2007.
Section – Biometrics 1. Biometrics Biometric refers to any measure used to uniquely identify a person based on biological or physiological traits.
The Health and Social Services Access Card: What will it mean for Australians? Financial Literacy, Banking and Identity Conference 25th and 26th October.
Biometrics in New Zealand Passport issuing Border crossing System and information access Building access.
Protecting Children Leon Thomas Head of Regulatory Compliance, PartyGaming EGBA Chair of Compliance and Responsible Gaming Committee.
Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.
FIT3105 Biometric based authentication and identity management
PRIVACY ACT Federal Workers’ Compensation Conference 2014 Department of Labor.
Biometrics Kyle O'Meara April 14, Contents Introduction Specific Types of Biometrics Examples Personal Experience Questions.
A Brief Survey on Face Recognition Systems Amir Omidvarnia March 2007.
Digital Signature Technologies & Applications Ed Jensen Fall 2013.
Biometrics: Ear Recognition
MIFOS TRAINING SLIDES. 2 KNOW YOUR CUSTOMER KNOW YOUR CUSTOMER It is the policy of (ENTER YOUR ORGANIZATION’S NAME HERE) to comply with the (ENTER REGULATORY.
1 Teacher Registration in South Australia Teacher Registration in South Australia.
National Smartcard Project Work Package 8 – Security Issues Report.
European Electronic Identity Practices Country Update of Austria Peter F Brown Office of the CIO, Austrian Federal Chancellery Chair, CEN eGov Focus Group.
Zachary Olson and Yukari Hagio CIS 4360 Computer Security November 19, 2008.
© 2011 Aristotle, Inc. All Rights Reserved. Why Johnny Can't Play: Creating Websites for Grown Ups.
Understanding the Fair and Accurate Credit Transaction Act, the “Red Flag” Regulations, and their impact on Health Care Providers Raising a “Red Flag”
Intruder Testing: Demonstrating practical evidence of disclosure protection in 2011 UK Census Keith Spicer, Caroline Tudor and George Cornish 1 Joint UNECE/Eurostat.
OHT 11.1 © Marketing Insights Limited 2004 Chapter 9 Analysis and Design EC Security.
Electronic authentication: validating and verifying customer identities and bank details Presented by: Stan Matthews & Scott Robertson 13 th November 2007.
Family Educational Rights and Privacy Act. From the moment a child enters the school system, sensitive information is collected about the child (and even.
The Future of Biometrics. Operation and performance In a typical IT biometric system, a person registers with the system when one or more of his physical.
Technology Supervision Branch Interagency Identity Theft Red Flags Regulation Bank Compliance Association of CT Bristol, CT September 3, 2008.
28 th International Traffic Records Forum Biometrics/SmartCard Workshop 28 th International Traffic Records Forum August 4, 2002 Orlando, Florida.
© Experian Limited All rights reserved. Experian and the marks used herein are service marks or registered trademarks of Experian Limited. Other.
DIGITAL SIGNATURE.
Pertemuan #9 Security in Practice Kuliah Pengaman Jaringan.
Power Point Project Michael Bennett CST 105Y01 ONLINE Course Editor-Paulette Gannett.
Biometric for Network Security. Finger Biometrics.
Biometrics Chuck Cook Matthew Etten Jeremy Vaughn.
Prevention of Identity Theft. Why now, Why us? Federal Trade Commission (FTC) regulations for Identity Theft which may not apply, but it is good business.
Input Criminal Law (Forensic Procedures) Amendment Bill (B2-2009) 3 NOVEMBER 2009 Caring, compassionate and responsive.
Privacy and Personal Information. WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your.
Tier 4 Compliance Visits Experiences and Requirements Jon Pink Academic Registrar, University of Kent.
SAFEGUARDING IS EVERYONE’S RESPONSIBILITY Page No 1 Acceptable Documents for Verification - ROUTES 1 ROUTE ONE ALL APPLICANTS MUST INITIALLY BE CONSIDERED.
OMV – One Million Votes! YOU can make the Difference! Register Yours and Your Family Members’ Names in the Electoral Roll - Today!!
NZSTA Vulnerable Children Act 2014 Employers’ responsibilities Diane Squire, Employment Advisor 16/09/16.
MANAGEMENT of INFORMATION SECURITY, Fifth Edition
Documenting Life in the UK
Sandy Porter - Strategy Director Avoco Secure
Computer vision and biometric technology in credit risk
SECTION 1: INTRODUCTION. SECTION 1: INTRODUCTION.
Michael Biddington, UN ESCAP Statistics Division,
Chris Farmer Director of Fraud Strategy
Michael Biddington, UN ESCAP Statistics Division,
Biometric technology.
Identity Theft Prevention Program Training
E-identities (and e-signatures)
Introduction to key terms and concepts of legal identity
RECORDING AND DOCUMENTING IMMIGRATION CONTROLS
Pnina ZADKA Central Bureau of Statistics Israel
Pnina ZADKA Central Bureau of Statistics Israel
Stephanie Hirner ESTP ”Administrative data and censuses
Presentation transcript:

Identity verification in the private sector Chris Gration 30 March 2006

DRAFT 2 What is identity? Identity – (noun) (1) the fact of being who or what a person or thing is. (2) the characteristics determining this. Latin idem – the same (Concise OED) The identity of an individual has a number of aspects: e.g., his/her given name (which of course may change), date of birth, place of birth. Other facts about an individual accumulate over time (the so-called electronic “footprint”): e.g., family circumstances and addresses, employment and business career, contacts with the authorities or with other financial sector firms, physical appearance. UK Joint Money Laundering Steering Group Identity is an artefact, and also a function or process. The law assumes that each individual has a single, continuous identity as a natural person – a ‘true identity’. The law assumes that true identity is accessible. In practice it is not, but it may be approximated. A range of identity recognition processes can attempt to approximate true identity. All are fallible, and no practical recognition process is unconditionally the best.

DRAFT 3 Identity & probability  Identity recognition – establishing ‘true identity’ – is always a probabilistic process.  Identity recognition evidence may include: Biometric (fingerprints, voice, retina, facial structure and DNA) Attributed (birth name, date of birth, parent’s details) Biographical (evidence of social interaction such as credit history, educational certificates, electoral registration) (Identity Fraud: A Study, UK Cabinet Office 2002)  The outcome of the identity recognition process can be defined as a probability. Is this John? (90% accurate) Is this Smith? (95% accurate) = Is this John Smith? (99.5% accurate) +

DRAFT 4 Identity and probability  Identity recognition is always fallible. Even if the data is infallible, the mechanism to collect and assess it is fallible.  More attributes can be added to the recogniser to decrease the probability of error.  The recognition and the decision processes are separable.  The same recogniser can be used for different decision contexts by adjusting the certainty threshold depending on costs and risks.  Raising the certainty threshold will increase both the hit rate (frauds detected) and the false alarm rate (non- frauds flagged as frauds). High consequence decision Low consequence decision Low threshold High threshold Recogniser Recognition Decision Low hits Low FAs High hits High FAs

DRAFT 5 Risk – valid ID validly claimed  Testing validity of claim to an ID is the most difficult claim for verification processes. It requires detecting ID frauds (either ID takeover of a valid ID, or synthetic creation of a valid ID).  Face to face verification (facial recognition) may be considerably less effective than remote, algorithmic processes.  More than 50% of unfamiliar faces were not matched to photo IDs in one study. 1 1.Kemp, Towell and Pike “When seeing should not be believing: photographs, credit cards and fraud” Applied Cognitive Psychology Vol Detection rate % of frauds detected False Alarm % of non-frauds rejected Best case Easiest to detect fraud 66%7% Worst case Hardest to detect fraud 34%14%

DRAFT 6 Electronic ID verification  Electronic ID verification is a remote, algorithmically integrated ID recognition process  eID tests evidence from the ID claim, with elements of biographical and attributed evidence stored digitally in datasets.  The key elements of eID are data, a matching process, and a scoring layer to integrate a probability.  eID differs from Document Verification in its goal: document verification seeks only to verify that a document is validly issued. It may be a source of evidence for ID verification.  Electronic ID and Electronic document verification may both operate remotely and using algorithmic integration of the evidence.  Algorithmic integration may in many circumstances be superior to manual integration:  It permits integration of a very large number of evidence variables consistently ID claim Matching process Internal & cross checks Integration layer Score

DRAFT 7 Comparison of UK and Australian data sources available Data set AustraliaUnited Kingdom Consumer credit records Yes Public record information Yes Companies information YesNo Electoral roll Yes Telephone numbers Yes Deaths NoYes ID Fraud information Yes Postal addresses Yes Post office re-directionsNoYes Watch lists Yes Aliases Yes

DRAFT 8 Privacy issues We need to clarify  public interest in identity verification  matching is not disclosure  how consent can be made meaningful  consistent guidance for use of public registers

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.