A proactive security strategy for driver’s license design

42
[ This article was originally published here ]

Technology is disrupting every industry and consequently the behavior of society. There is a synchronization of technology and human ideas: as we continue to think innovatively, new forms of technology take us into the future. The evolution of thought and technology is quick, gaining speed thanks to thought leaders like Elon Musk and Jeff Bezos. Alongside these brilliant technology innovations, lie a host of equally innovative but far less savory technologies waiting to capitalize on potential weaknesses in the system. The impact of technology on security means that reactive, traditional security solutions can no longer be an effective strategy. Instead, security today means staying one step ahead of attackers, shifting the mindset from reactive to proactive.

The government sector is faced with the responsibility of providing identity security to the masses. The added challenge is that an attacker can quickly jump on a new potential vulnerability or security oversight, whereas jurisdictions must follow specific measures and procedures that can be slow to change. This is why jurisdictions turn to experts in security and fraud prevention when it comes time to designing and delivering credentials to their citizens. Today, identity documents need to defend all forms of current and future attacks because sometimes an attacker only has to find one flaw to derail all of its defenses.

Our recent blog series on driver’s license design has been outlining our recommendations for designing a highly secure credential, and in this blog we will be talking about how to optimize your card security once you have chosen your substrate.

A proactive security strategy means choosing the right security printing, features and technologies that work together to create a wide barrier of defense against current and especially future attacks or attempts at counterfeiting.

Security Design

Do:

Do create a background design that is as difficult as possible to reproduce. This means incorporating printing that is done with highly specialized technology that is not available to the public and using a variety of features like guilloche, rainbow, Microtext, etc. that intertwine to give you your design.  A single feature cannot work in isolation, so arming a credential with multiple strong, printed features is key.

Microprinting

Don’t:

Don’t write off the back of your credential as only for machine readable technology. The reverse side of the card is valuable real estate for additional security printing that can make counterfeiting that much more difficult.

Level 1 Security Features

Do:

Do refer back to your threat assessment when choosing security features for your card. You should have a profile of threats that you are currently facing and anticipate facing in the future. From there, start arming your credential against these threats with strong level one features.  Level one features are the first line of inspection and can be examined without tools or aids. The vast majority of checks performed on a license are done with level one features and they are usually what counterfeiters will try to replicate or simulate. For these reasons, special care needs to be taken with level one features.

Consider a feature like tactile laser engraving, which enables law enforcement to keep their eyes straight ahead, while easily feeling the card for its authenticity. Translucent features, like a window lock, is also a strong level one option to incorporate to ensure maximum security. Both of these features are tamper-proof, which should be a must for any of your chosen security features.

Tactile Laser Engraving

Don’t:

Don’t leave your credential vulnerable by designing the security background and layout without considering your security features. The most secure credential combines artwork and security design as early as possible. Additionally, there is such a thing as too many security features, so there has to be a balance placed in the design that uses strong features that are difficult to simulate or replicate, especially across level one and two.

Level 2 Security Features

Do:

Do thoroughly examine the DL/ID landscape before choosing level two security features. Level two features are the second line of inspection, which require examination through the use of an instrument (e.g. UV light, magnifying glass, or scanner) to verify. The sophistications in fraud mean that counterfeiters are trying to mimic level two features, such as holographic images, raising the game altogether.  Choose features that use the most advanced technology on the market today, eradicating the possibility of confusion with an attempted replica upon inspection. For example, consider high security inks, like UV inks, that use technologies and materials that are inaccessible to the public. Or consider adding a technique called Edge Sealer, which is impossible to duplicate with a copy machine or scanner due to the special expertise and technology required. Features like the Edge Sealer ensure the complete integrity of the document, offering a tamper-proof solution for optimum security.

Sealys Edge Sealer

Don’t:

A heavy reliance on level two security features can give a false sense of security, so don’t forget that many members of staff on the front-line are not trained or equipped with the equipment to authenticate level two features. Work with your design team to create a distinctive balance between level one and level two features for their respective functions.

Level 3 Security Features

Do:

Do make sure to get expert opinion when choosing level three security features. Level three features are the third line of inspection, and require specific, sophisticated technology from forensic level staff. Level three security features stay undisclosed to the public and serve the purpose of providing authentication to the experts on a per needs basis. A secure process and handling needs to be in place to ensure that the fewest number of people possible are aware of these features and how to detect them.

Level three features are critical for larger scale criminal investigations, so like with level one and level two features, choose the most sophisticated technology on the market today to offer the best security when it is needed most.

Don’t:

Don’t forget to incorporate your threat analysis at each step of the process. The best way to stay ahead is to review your analysis and incorporate level three features that combat the anticipated technological advancements of the future.

Key Takeaways

Redesigning your DL/ID documents is a collaborative effort and a compilation of proactive security measures. It involves careful consideration and analysis of the past, predictions for the future, research of different offerings, consultations with the experts, and a fine eye for detail.

As we come to the end of the driver’s license design blog series, let’s review the key takeaways for redesigning a highly secure DL/ID:

  • The strength of a credential lies in its ability to protect against potential security threats, which is why it is critical to conduct a threat assessment to serve as a guide through the design process
  • Minimizing variability between credentials is key to designing a highly secure credential
  • If you want the strongest barrier of defense, choose the strongest security features on the market
  • A durable substrate that is highly resistant to tampering and wear and tear will give you the best ROI
  • Choose a substrate, security design, and security features that use technologies that are unavailable to the public
  • Don’t consider your substrate price in isolation
  • A proactive security strategy means choosing technologies that work together to protect against current and especially future attacks or attempts at counterfeiting

Learn more about our next level document security features by watching our new video, offering a unique opportunity to get a firsthand look at our offering.

What do you think about the newly developed technologies for driver’s license security? Share your thoughts with us by tweeting us @Gemalto or commenting below.

The post A proactive security strategy for driver’s license design appeared first on Gemalto blog.