Download
1 / 19
190 likes | 384 Views
Taller Subregional sobre Mejores Prácticas en Seguridad de Documentos de Viaje y Manejo de Identidad Centro Internacional de Instrucción de Aeropuertos y Servicios Auxiliares México D.F., México, 12-14 de diciembre de 2011. Erik Slavenas MRTD Programme Officer.
E N D
Taller Subregional sobre Mejores Prácticas en Seguridad deDocumentos de Viaje y Manejo de IdentidadCentro Internacional de Instrucción de Aeropuertos y Servicios AuxiliaresMéxico D.F., México, 12-14 de diciembre de 2011 Erik Slavenas MRTD Programme Officer Evidence of Identity: the concept and ongoing work
Defining the terms • Evidence of Identity (EoI) • Vs. • “breeder documents”
Why bother? • Relative decrease of MRTD fraud – by smart criminals • Focus on other weaker segments of the MRTD lifecycle – issuance • Remedy: a robust issuance process that fully uses EoI scrutiny and its strengths
An increasingly prevalent global shift from document fraud to identity fraud • See Malcolm Cuthbertson’s The Changing Dynamics of Travel Document Fraud at http://legacy.icao.int/MRTDsymposium/2010/Docs/Cuthbertson.pdf
International treaty Globally interoperable Well organized multilaterally Existing systems and guidance Security features Founded on premise of machine readability No international foundations Endless number No systems, no guidance, no generalized handbooks and above all, no interoperability No systems of security or other guardian features No international standards or specifications MRTDs “Breeder Documents” Identity Documents
EoI: the 3-level approach Claim to an identity is tested by the PO checking: • what the applicant “has” to support the claimed identity (“breeder docs”); • what the applicant “knows” about the identity that is claimed (social footprint); • who the applicant “is” (biometrics).
EoI – Components of an Operational Model • The three components for establishing identity involve: 1. Evidence that the claimed identity is valid, i.e. that the person was in fact born and, if so, that the owner of that identity is still alive. (Also read The Day of the Jackal by F. Forsyth) 2. Evidence that the presenter links to the claimed identity – i.e. that the person claiming the identity is who they say they are and that they are the only claimant of the identity. 3. Evidence that the presenter uses the claimed identity – i.e. that the claimant is operating under this identity within the community. • This is the model for the Evidence of Identity.
1. “Breeder documents” • Birth Certificate • Certificate of citizenship/naturalisation • Existing passport or other travel doc • National ID card / voter’s card (cedula) Features: gov’t issued, preferably has a photo, has security features Difficulty: lack of uniformity, low security features, lack of uniformity
2. Document databases and reference to official records • Civil registry (births/marriages/deaths) • Voters registry • Citizenship/immigration records • Professional licences • Motor vehicle records • Court records • Property ownership records Automated or accessible via a secure real-time connection Also – checking the identity against watch lists - checking PO database/archives for similar names, DOB, name spelling variations
3. “Social footprint” Interaction between the applicant and the society – documented or “known” Supporting docs: • Medical records • Marriage certificate • Bank and taxation documents • Employment record • Driver’s licence and car registration • Educational records • House/electricity, gas meter, police records, etc Dealing with exceptional cases
4. Interview • Regular or by request • Applicant obliged to tell the truth by law • Non-verbal aspects: confidence, behaviour, nervousness • Photos submitted can be verified • The replies must match the application story • Can be used to extract additional info, clarify questions or discrepancies, support social footprint, confirm or give hints about misrepresentation, capture biometric data, etc.
5. Use of Guarantor • Certifies the claimant’s identity – or likelihood - under oath • A member of a regulated profession (doctor, lawyer, policeman, etc) – or passport holders • Must be verifiable through records • Legal aspects: delivered under oath, misrepresentation a serious offence, cannot be paid or relatives • Must have known the applicant for a long time • Links with social footprint
6. References • At least two recommended • Independent and unrelated to applicant • Can be contacted by the PO to confirm identity scrutiny
7. Use of biometrics • Anchoring an identity to biometrics – a v. strong safeguard • The first time – capturing – not v. useful for confirming identity • The process must be robust and safeguards must exist • Facial recognition: 1:N checks
ICAO Work on Guidance Material • ICAO NTWG Working Paper “Towards better Practice in National Identity Management” on EoI presented to the TAG/MRTD 20 and approved for final development • Early working version at http://legacy.icao.int/icao/en/atb/meetings/2011/TagMrtd-20/Docs/TagMrtd-20_WP005_en.pdf • Finished version to provide Guidance Material and reference on EoI to Sates
Summary • Shift to fraudulent breeder docs and exploiting weaknesses in the issuance process • Hence the need for robust EoI • EoI is more than “breeder documents” • EoI – no strict science but a toolbox of techniques and approaches to establish the claimed identity beyond reasonable doubt • Further reference – NZ presentation on EoI at http://legacy.icao.int/MRTDsymposium/2010/Docs/Offenberger.pdf • ICAO ongoing work on EoI – stay tuned
THANK YOU!Questions? Comments? Feedback? http://www.icao.int/Security/mrtd/Pages/default.aspxeslavenas@icao.int
