It's been almost 15 years since I last considered forging a driver's license but, thanks to modern technology, it's easier than ever. Scan a real license, import it into Photoshop, change the name, birth date, and picture, and print to photo paper on a color printer. Add your state's watermark on transparency film and laminate it all together. You're all set—go buy yourself a beer, son. Or, more to the point, go get on an airplane. As proof of identity, today's ID cards are a joke.
As Oracle Corp. CEO Larry Ellison recently pointed out, any credit card is substantially more sophisticated than most government-issued IDs. He went on to propose that the United States adopt a system of "digital IDs" backed by Oracle database software, which he would provide for free. Modern technology can vastly improve the field of personal identification. The question is, will it do enough to help the fight against terrorism?
When civil libertarians heard the phrase "national ID card," they dived into their bunkers. But Ellison only proposed the following:
- That a single digital ID replace the many government ID cards currently issued, such as driver's licenses and Social Security cards.
- That these IDs be instantly readable, so they could be used, say, by airline passengers who volunteered to carry them to speed the process of clearing airline security.
- That existing governmental databases be combined to make access to information easier and faster.
Ellison isn't alone in proposing a national ID. The new terrorism bill just signed into law requires digital IDs for all travelers arriving in the United States, and the Defense Department has ordered "smart cards" as IDs for all 4.3 million military personnel.
Should the nation commit itself to deploying national ID standards or requiring citizens to carry them, as some members of Congress urge? Webhead will leave it to the lawyers, politicians, and civil libertarians to argue it out. But how they work and whether or not they're practical—given today's technology—is Webhead's meat and potatoes.
Building the National ID Card
Proponents of a national ID card envision a "smart card" the size of a credit card and probably a little thicker and somewhat more durable. What makes a smart card smart is the capacity to store digital information, often rerecordable. A standard credit card actually qualifies as smart, because it encodes your card number, expiry date, and name on the magnetic strip on the back. The New York City subway's MetroCard is also a smart card, but both are pretty dumb as smart cards go. Moving up the IQ ladder, you find smart cards equipped with "flash" memory (the kind used in digital cameras), a microprocessor, or other electronics that aid in scanning the card and storing vast quantities of information. Many corporations (Microsoft among them) and governmental agencies issue smart cards to employees as IDs so they can enter secure buildings by waving their cards near a scanner.
An ID such as Ellison proposes must match the ID to its holder. The easiest way to do this is to use a PIN, as ATM cards do. The
The best way to match an ID to an individual is to record his unique "biometric" information—fingerprint whorls, the shape of the bones in his hand, voiceprint, or the pattern of his retina—onto the ID. Fingerprint scanning is widely available at reasonable cost from Digital Persona, Identix, Sony, and others. Because biometrics are statistical in nature—"this thumbprint looks 97 percent like the one on record"—the wrong person might be matched to an ID. But even with today's technology, this is already statistically very unlikely. I'd trust my bank account (and my family's safety) to a modern fingerprint reader if IDs must be unforgeable (and otherwise what's the point?). Thanks to encryption technology, which allows issuers to "lock" the contents (biometric data, name, age, date and place of birth, and other information) and allows only authorized users to read it, the best of today's cards are unforgeable. But building the card itself is only the beginning. Ellison wants to link ID cards to databases maintained by the Immigration and Naturalization Service, the military, FBI, and state and local police. Is modern database technology up to the job of maintaining such a gargantuan storehouse of data?
Let's say we go whole hog with our national ID and store 50 pages of text per