Identity In Transit

In my last job, one of the things that kept me up at night was the notion of electronic identity “in transit” or “on the wire.”  Specifically, I was concerned with protecting the electronic credentials of our customers from any kind of eavesdropping, spoofing or tampering as they were transiting the network at the moment a person entered them in a web form, login box on a computer, on their smart phone, or anywhere else they used their officially issued username and password.

Now I find myself in physical transit, from Iowa to Pennsylvania.  Along with that transition comes the need to re-prove who I am to a number of different agencies and institutions.  Those agencies are rightfully concerned with the prevention of any kind of tampering or spoofing of my identity in physical transit.  Along with that concern comes the need for rigorous forms of identity proofing and vetting in order to obtain new credentials.

Because I do this for a living, I knew the kinds of checks that were going to be required to prove my identity in my new location.  I was atypically well-prepared.  Before the movers arrived, I carefully packed all my incredibly precious, practically irreplaceable, highly combustible paper government-issued proofs of identity in a special box in the center of my car’s back seat.  Like a baby.  I knew that the checks to prove who I am to the Commonwealth of Pennsylvania would be burdensome, but I never really had the opportunity to experience them first-hand, and all at once, before.  Here are my experiences so far.  Please note that these experiences are likely nearly identical in every state in the union (thank goodness I didn’t move to California or my ability to drive would have been in question and I would have had to get fingerprinted!)

The Driver’s License

I started with what appears to be the “intermediate certificate” in the trust chain rooted in US citizens’ birth certificates and social security cards: the state-issued driver’s license.  This form of physical identity has the following attributes:

  1. It’s highly vetted
  2. It’s issued by a state agency
  3. It has your photo and signature on it
  4. It has your address of record on it
  5. Its issuance is rooted in more deeply-entrenched forms of identification
  6. It’s not so irreplaceable that you can’t carry it with you everywhere, like you can’t with a birth certificate
  7. You must carry it with you everywhere to effectively operate in the modern world
  8. You can’t get one if you don’t already operate effectively in the modern world

As such, most other forms of daily identity proof are rooted in the state-issued driver’s license.  To obtain this, I had to drive 10 miles out of town (good thing I have a car and an existing driver’s license) to a small building where I had to write a check (no cash or credit accepted – are government agencies even permitted to not accept US currency?) to the PennDOT and surrender my Iowa license, present a Social Security card (why?) and any of the items from list A and two of the items from list B:

A

  1. Birth Certificate with raised embossed seal (not a copy)
  2. Certificate of US Citizenship
  3. Certificate of Naturalization
  4. Valid and original US passport (not a copy)

B

  1. Tax records
  2. Lease agreements
  3. Mortgage documents
  4. W2 form
  5. Current weapons permit (US citizen only)
  6. Current utility bills

Note that were I any less than a fully employed and housed person of good means (I carry a passport, and can afford a safe deposit box in which to keep my social security card, birth certificate and passport) I would have an extremely difficult time obtaining a license or photo ID in Pennsylvania (which, were it not due to the action of the ACLU, would be required to vote in an election here.)  If I didn’t have an Internet connection or at least access to a phone, I wouldn’t have been able to determine what I needed to take with me beforehand, and might have needed to make multiple trips, in the car which I thankfully own and am licensed to drive.

Luckily, the address on my check was not required to match my Pennsylvania address of residence, doubly so due to the tear in the space time continuum that would have been caused by identity in transit issue number two:

The Bank

I like credit unions: they exist to serve the membership.  The credit union I currently use in Iowa is a community credit union, meaning it has a community charter, and anyone in the area (a huge area) can use it.  I can still use it because I have existing business with them.  I want to get a new account at a credit union in Pennsylvania because I don’t want to pay ATM fees for withdrawing cash here, and I need to get a safe deposit box to put my incredibly precious and practically irreplaceable, highly combustible paper government-issued identity documents in.  The credit union here does not have a community charter, which means I need to have proof of employment at my new employer to get an account.  That’s fine, I can just do that when I start work at my new employer.  Here’s the fun one though: the credit union asked for my Pennsylvania driver’s license.  Imagine if the driver’s license office had decided that the address on my check (no cash, credit or Trobriand Island yams accepted!) needed to match my official Pennsylvania address of record.

Car Title

These next two things are not technically personal identity issues, although they deal with the state-issued identity of my car, which is almost as tightly controlled as the state-issued identity of me as a person.  When I went to the credit union in Iowa (which owns the lien on my car) to ask them about transferring the title to Pennsylvania, they said “don’t move to Pennsylvania.  Anywhere but Pennsylvania.  That is the worst state to transfer a title to.”  I’m not kidding, that’s verbatim.  So, clearly that’s not going to be a problem.

Vehicle Inspection

Iowa does not require any kind of periodic vehicle inspection (this shows in many of the cars on the road) and does not have what the EPA considers to be an air pollution problem, so does not require California Air Resources Board (CARB) certification.  You can legally (and actually) buy a car in Iowa that does not comply with CARB specifications.  If you take your car to Pennsylvania when you move, it’s MY2008 or newer, and it doesn’t have CARB certification, it must have over 7,500 miles on the odometer or you are out of luck, I guess.  Perhaps you could just drive to the King of Prussia Mall a few times to run up the clock before your 20 days to register your car expires.  Of course, in your formerly non-coastal, more-polluting, non-CARB-certified, extra-dinosaur-burning-mobile, that would just cause more pollution, not less.

Neighborly Identity

For the past week, we have had numerous neighbors in our condo association stop by to say “hi” – this was nice the first few times it happened.  Now it is becoming clear that they are investigating whether we are going to depreciate their property values and/or throw wild parties all night.  We are a prematurely elderly, workaholic grad student/professional couple with no kids.  Hopefully they will figure that out and stop ringing our doorbell while I’m on conference calls.

The Grocery Store

Loyalty programs abound!  They are all slightly different and all have weird different rules.  To obtain today’s lowest price on spaghetti sauce, I had to create an on-line identity at the new and different (to me) grocery store and print out a temporary loyalty card on my laser printer, which I bought at Staples, with a discount, using another loyalty card, with another on-line identity.

I understand the need to do many of these things, even most of them.  On the other hand, they are extraordinarily onerous and not at all customer-friendly.  In some cases (voter ID laws) they are blatantly and intentionally disenfranchising of certain segments of society.  That’s a problem.

Update (4/13/2013) – Title and Registration

I don’t know what the credit union thought would be so difficult about getting the title and registration transferred.  Within a couple days of me sending a form to them asking them to send the title to Pennsylvania, I had a new title issued in Pennsylvania, plus my registration and license plate.  It was probably the easiest thing to do yet.

An Idea For Remote Proofing and InCommon Silver

The InCommon Silver assurance profile has a section that allows for remote proofing of identity subjects. Many people I’ve asked about this are saving this section for “later” and aren’t going to try to do remote proofing to begin with. Someone said something to me the other day about the availability of notaries that makes me think this is possible to do in a not too terribly difficult way. Here’s the relevant section of the assurance profile:

4.2.2.4.3 Remote proofing

  1. The RA shall establish the Subject’s IdMS registration identity based on possession of at least one valid government ID number (e.g., a driver’s license or passport) and either a second government ID number or financial account number (e.g., checking account, savings account, loan or credit card) with confirmation via records of either number.
  2. The RA verifies other information provided by the Subject using both of the ID numbers above through record checks either with the applicable agency or institution or through credit bureaus or similar databases, and confirms that: name, date of birth, and other personal information in records are on balance consistent with the application and sufficient to identify a unique individual. If this appears to be the case, the RA authorizes issuance of Credentials.
  3. If the record checks do not confirm the Address of Record, it must be confirmed as described in §4.2.2.5 below.

Note that it says if you can’t confirm the information provided via record checks, you have to register the subject via the address of record. Everyone seems to be focusing on the technical problem of verifying the source document numbers via Equifax or other credit bureaus, and/or state motor vehicle registries. I think people are so shocked by this requirement that they’re misdirected away from the critical pieces here:

1) You only need to register the facts of the documents presented – you can do that via notaries public that are available free of charge for customers at all banks in the US.

2) You can confirm the identity of the individual by delivery of a registration secret to an address of record. What is an address of record?

Conveniently, section 4.2.2.5 (2)(b) says:

For an electronic Address of Record, the RA confirms the ability of the Subject to receive telephone communications at a telephone number or e-mail at an e-mail address.

So you can just e-mail them a short-lived registration bearer token after you receive their notarized paper form containing their identity documentation back. Can it really be that simple?  An idea for some legalese to include on the form (I am not a lawyer) might be:

I hereby declare that the e-mail address supplied on this form by me is a valid email address that is acceptable for use in official communications with me.  I am the only person who has access to this email address.
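A sketch of the short-lived registration bearer token mentioned above, as an added example that is not part of the original post or of the InCommon profile: the token is random, bound to the e-mail address of record, stored only as a hash, expires, and can be redeemed once. The class name, the 15-minute lifetime and the in-memory store are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

# Assumed lifetime; the profile text quoted above does not set a value.
TOKEN_TTL_SECONDS = 15 * 60


class RegistrationTokens:
    """Hypothetical RA-side store of single-use registration tokens."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # normalized e-mail -> (SHA-256 of token, expiry)

    @staticmethod
    def _norm(email):
        return email.strip().lower()

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode("utf-8")).digest()

    def issue(self, email):
        """Issue a token for the address on the notarized form.

        Call only after the form has been received and checked. The
        returned value is e-mailed to the subject; only its hash is
        kept, so a leak of the store does not reveal usable tokens.
        Issuing again for the same address replaces the older token.
        """
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        expiry = self._clock() + TOKEN_TTL_SECONDS
        self._pending[self._norm(email)] = (self._digest(token), expiry)
        return token

    def redeem(self, email, token):
        """Return True exactly once for a valid, unexpired token."""
        key = self._norm(email)
        entry = self._pending.get(key)
        if entry is None:
            return False
        digest, expiry = entry
        if self._clock() >= expiry:
            del self._pending[key]  # expired tokens are discarded
            return False
        # Constant-time comparison avoids leaking how much of a guess matched.
        if not hmac.compare_digest(digest, self._digest(token)):
            return False
        del self._pending[key]  # single use: a replayed token fails
        return True
```
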

Update: 5/30/2012: Thanks to Mark B. Jones for this interesting international tidbit on consular services and the notary function: http://travel.state.gov/law/judicial/judicial_2086.html