Monthly Archives: August 2007

Kudos to Second Life

I commend Second Life on their decision to offer a voluntary verification policy for their members. They are the first big social network to take a step toward adopting this technology.

The way I understand it, if you are a member that has chosen not to be verified you won’t be allowed access into any land that is flagged as restricted but you can stay in the PG-13 type of areas.

I’ve visited Second Life’s blog post where this announcement was made and read a bunch of the comments. One in particular makes me want to stress an important difference we think businesses must consider when selecting an identity provider and that is if the vendor is an independent 3rd party:

You say that “Linden Lab does not share Resident data for marketing or other purposes”, can someone from LindenLab state for the record that Integrity will do the same??

Many data providers offer identity verification solutions which makes sense given they collect, store and sell data as their primary business and data is a crucial part of verification. But being a seller of data and also capturing data for verification, could definitely create a conflict of interest in the minds of consumers about how their data will be used. And it also has the potential to limit match rates because the data being used is limited to the sources of that particular vendor.

Back in February we released a whitepaper about identity verification which included some questions to consider when selecting an id verification vendor. Two come to mind right now and are worth pointing out here:

Does the vendor promote the responsible use of data?
The right solution will have strict protocols for using and sharing data and will access data on a real-time basis, not collect and store it for any other purpose. Additionally, the system should provide different permission levels to limit how much and what type of data is shared within your business.


What data sources are used?
Find a vendor that works with multiple providers and does not restrict its data to any single data provider. The system should be designed with the ability to access multiple independent data sources including foreign data.




Filed under Age Verification, identity proofing, Identity verification, Second Life, social networking

The United States of Attorneys Generals

The Wall Street Journal reported yesterday that the Attorneys Generals of all 50 States have joined forces to pressure social networking sites to require greater parental controls and age verification tools so that minors can’t access the sites so easily.

Here’s what Blumenthal had to say:

“These sites say they want to cooperate, but they have resisted the concept of age or identity verification.”

While there are always several reasons companies resist change, one that really stands out to me as a probable explanation in this situation is the fear that something of value will be lost. Like members.

One of the biggest arguments social networks have claimed from the beginning about age verification ineffectiveness is how difficult it is to verify the age of a minor. Yes, there are challenges with this. But instead of clinging to this as an excuse not to act, why not focus on what can be done today. And that is age verify the adults.

Although Facebook has received some attention lately about a few predators getting on the site since opening up to the general public, they are most well known for their ability to separate users under 18 from those over. And ZoeysRoom seems to be doing a good job of verifying that its members are kids.

What I think we need to move away from is the notion that this problem is only an issue of age. Blumenthal had it right when he referred to it as “age or identity verification.”

Leave a comment

Filed under Age Verification, Facebook, Identity verification, Internet Safety, MySpace, protecting kids online, Richard Blumenthal, social networking

Spotting a Fake ID with Identity Proofing

A reporter at the Arizona Republic recently wrote a great article about the booming fake document market in Arizona, illegal immigrants, identity theft and how business is about to get even bigger. 

The State’s new employer-sanctions law requires verification of worker eligibility through a federal system called the Basic Pilot Program.  The system works to weed out made-up social security numbers but it won’t detect when someone is using a stolen identity. 

This program makes it kind of hard to comply with the new law I blogged about last week and how employers risk prosecution if they don’t fire workers whose names and social security numbers don’t match.  The agency that manages the program is rolling out a new feature soon which will match photos on green cards with photos stored in a government database. 

It sounds cumbersome especially when there is a much easier way for employers (and the government!) to spot a fake id that won’t break the bank or slow down the process.

Leave a comment

Filed under e-verify, employment fraud, id theft and illigal immigrants, identity, identity proofing, identity theft, social security numbers

Identity Verification Countdown

According to this article employers have 120 days to determine (and resolve) discrepancies over Social Security Numbers of employees and matching government records or else face a possible criminal investigation and a 25% increase in fines. The effort is to help crack down on employing illegal immigrants.

DHS issued a regulation that will take effect in 30 days and will give employers 90 days to resolve any discrepancy between the Social Security number provided by an employee and government records. Chertoff said the SSA will be sending out about 15,000 “no match” letters a week over a two-month period.

Now seems a really good time to point out that our identity verification is so easy to implement and start using that a business could be up and running with it before the end of the day. Leaving you the remaining 119 days to hire and train new employees if needed.

Leave a comment

Filed under id theft and illigal immigrants, identity proofing, Identity verification, social security numbers, stolen identity

YouTube As A Crime Fighting Social Network

Did you hear about the laptop thief in New Zealand who was caught after somebody identified him through a YouTube video?  Apparently someone caught the crime on camera and created a video of it set to the Pink Panther’s theme music and uploaded it to YouTube.  One of the 500,000 viewers recognized the thief and called the police.

In our States capitol, a LeDroit Park store owner posted the surveillance camera footage of 2 armed robbers of his store in the hopes of someone being able to provide information about the robbers and also to get the attention of the police.

A really interesting twist is the way comedians are starting to use YouTube to expose other comedians that steal their jokes.  Videos comparing the routines of various comedians over different time periods are uploaded so that the public can judge for themselves on whose joke it really is.

Ironically it’s copyright infringement lawsuits that have YouTube working to implement video recognition technology to automatically detect videos that fall under copyright material and were uploaded without permission.

Despite its crime stopping abilities, the more I play around on YouTube, the more I really believe the site absolutely needs to use age verification before allowing access to some of the material being posted. One example is the movie trailer for Superbad which anyone can see on YouTube (hmm, how will movie trailers rank in the copyright detection software?) but Sony Pictures, the movie’s producers, required age verification to view the trailer (although it appears the system they chose was ineffective based on this person’s experience).

Besides the easy access to this red-band movie trailer, there are other videos anyone can watch that truly shocked me given so many kids are on  YouTube everyday.

Leave a comment

Filed under Age Verification, YouTube

Punishments for Identity Fraud Crime

The AJC reports today that an Atlanta man has pled guilty for stealing $1.5 million in credit from 225 people. He was sentenced to 3 ½ years in the federal penitentiary.

I commend the officers involved in catching this man, especially because his capture led to the uncovering of a multi-national scam. Many of the cards issued were from foreign banks so the true credit limit available to him couldn’t be tracked.

Some other interesting cases going on are in Kansas where a few Mexican nationals attempted to transfer Social Security funds acquired under fake identities to their other real, or fake, identities. One person has already been convicted and will hear sentencing in September. He faces up to 10 years in jail for fraud of documents and a minimum of 2 years for identity theft of 7 different people. In the other cases, the people pled not guilty and will go to trial but the dates have not been set yet.

About to go before the U.S. Congress is a bill designed to help deter identity theft by putting tighter restrictions on the use of social security numbers. In it, there are tougher punishments for those convicted of misuse of social security numbers. Specifically it will

Impose criminal penalties up to five years in prison and $250,000 and civil sanctions up to $25,000 per incident for misuse of Social Security numbers. Repeat offenders could get 10 years, and use of the numbers in drug trafficking or violent acts would carry sentences up to 20 years in prison.

The bill has already passed the Ways and Means Committee, 38-0. Now it’s on to the House.

Since the South is already in “back to school” mode, here’s a reminder on “How A Bill Becomes A Law” from Schoolhouse Rock

Leave a comment

Filed under fraud, identity, identity theft, identity theft crime, protecting your credit, social security numbers, stolen identity

Age & ID Verification + KBA = Better Protection on Social Networks

PC World wrote a more in-depth article last week regarding the Facebook news I blogged about here. I was particularly pleased to see this from Chris Kelly in the article:

“It is better to have some sort of verification on the front end and various forms of behavioral verification on the back end,” Kelly said of Facebook’s approach to site safety.

By nature of how the site began Facebook does have more verification processes in place which means an automated age and identity verification system could segue nicely into their operations.

Those opposing age and identity verification in social networks have several easily debate-able arguments with one being

there is no simple way to screen for sex offenders and kids masquerading as older users or to ensure whether parental authorization actually is given by parents or by kids pretending to be their parents.

This is what knowledge-based authentication is all about. KBA is a higher level of verification designed specifically to verify the person is who he/she says — so that a kid who has stolen their parents credit card, or a sexual predator creating a false identity, is not easily able to get past these questions.

And then there is my favorite argument

identity and age verification will deliver a false sense of security and is not a “silver bullet.”

Identity and age verification is an integral part of the equation to help protect kids. Everything needs to work together including our vigilance in continuing to educate kids (and adults) about the dangers of the Internet and how to protect themselves. Parents still need to stay on top of what their kids are up to and technology should continue its advancements to provide better and safer solutions. Overall what id and age verification does is put an extra layer in the mix to help parents keep their kids safe.


Filed under Age Verification, knowledge based authentication, protecting kids online, social networking