« I missed the Ruby train and fell down on the Rails
I need a server »

REAL ID

The 9/11 Commission suggested that the U.S. Federal Government improve it’s system for issuing secure identification documents. To that end, Congress passed a law, the REAL ID Act in 2005. This act requires the DHS to set some standards for State issued ID Cards that will supposedly make the U.S. more secure. Yeah… right…

I personally think they are going about this whole thing the wrong way. My primary objection to this is that they are proposing to have each state create a repository of personally identifiable information that will be accessible to a variety of agencies. Any system that would store personally identifiable information on all the citizens of a particular state would be in dire jeopardy of being hacked.

My solution to the problem would be to use a variety of biometric data, stored directly on the card. That way if someone wants to know if I am who I say I am, they simply ask me to submit my finger, iris, face or combination thereof to a scan. No going back to some server at the State capitol, no repository of data inviting abuse. While not completely fool proof, this system would tell the person checking identities that I truly am the person shown on the card. The only hurdle then is one of preventing forgeries. The solution to this problem is simple, but does require a central repository of data. The primary difference being that this data need not be personally identifiable. The card would simply need some super long, random string of characters that has no association to the individual in possession of the card. If a particular card’s identifier is in the database, and the person who is in possession of it has been verified by a biometric scan then it is safe to say that the person is indeed who they claim to be and that the card itself is not a forgery. Seems simple enough to me.

I am the person listed on this card (verified by biometrics) and this card is valid (verified by central repository of valid card numbers), therefore I am not a terrorist.

Perhaps there is some flaw in my logic, but I don’t think so (otherwise I wouldn’t have written this!)

This entry was posted on Tuesday, May 1st, 2007 at 3:51 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “REAL ID”

  1. Miss C Miss C Says:
    May 12th, 2007 at 9:39 am

    Ah, the illusion o f security and identity.

Leave a Reply