Dealing in deception
By Kim Powell
Identity crime is big business.
It costs Australians more than $5 billion each year and the Australasian Centre for Policing Research believes identity crime is one of the fastest growing crimes in the world.
Although using false and/or stolen identities is viewed as a platform to more serious crimes – such as the importation of narcotics, people smuggling, paedophilia and terrorism – identity crime most commonly manifests in identity fraud.
There are three main reasons why people try to deceive government agencies: to gain financially through benefits they are not entitled to; to avoid financial liability, such as paying tax or child maintenance; and to avoid being identified.
Hala Batainah, IBM’s Federal and ACT Government Software Manager, says irregularities in benefit payments form a large portion of identity fraud against government agencies, and it becomes particularly difficult when surnames differ within a relationship inside a household.
“Tax is another area impacted by identity fraud,” she says.
“Multiple identities and incomplete reporting of earned income make resolution of a tax query difficult, as files need to be compared and examined for single identity resolution to uncover the individuals attempting to defraud the government.”
As transactions are moved online, there are two key issues facing both public and private sector organisations: how do you verify someone’s identity if you can’t see them, and how do you stop people using a false identity or one that belongs to someone else?
In order to tackle these problems the Australian Government has established the central component of its national identity security strategy, the $28.3 million national Document Verification Service (DVS).
The service will allow government agencies to check key identity documents online and in real time to ensure the details being presented are accurate.
It will check Australian passports, the new health services access card, Australian citizenship certificates, birth certificates and drivers’ licences, and cross-check these databases to detect stolen or fraudulent documents.
Another component of the strategy includes three Identity Security Strike Teams, at a cost of $19.6 million over four years. The teams will be based in Melbourne, Brisbane and Perth and comprise staff from the Australian Federal Police, Australian Crime Commission, Customs and Immigration.
It is not just external fraud that government agencies need to worry about. Internal fraud is estimated to cost the public sector more than $2 million each year.
“Due to the knowledge of how the system works, many [internal] fraudulent activities go unnoticed and usually represent under-reporting by government agencies,” Ms Batainah says.
“From a technology point of view, insider fraud can be managed by allowing software systems to compare databases that look for relationships between the parties.”
However, she warns, this becomes even more difficult if multiple employees are involved in the scam. “Many illegal practices can go on for years without detection.”
Lessons from the private sector
Hala Batainah, IBM’s Lotus brand manager for Australia and New Zealand, says the public sector can learn from what has been implemented in the private sector:
* Remove personal privacy information from government websites. This information is often used to build false documents.
* Eliminate the full exposure of credit card numbers on printed receipts.
* Shred all home and government mail correspondence prior to disposing of it.
* Allow for credit files to be frozen so that new credit cards and loans cannot be made to non-verified people, eg ‘on the fly’, over the phone, at the airport.
* Protect wireless home and government WAN/LAN connections with encryption keys. Wireless access is a welcome mat into computer systems for the more sophisticated identity thief and is just as effective as ‘dumpster diving’.
[Wed 23/08/2006 03:03:07]
|
