Chapter 1: Introduction
In the United States, identity theft and identity fraud are vast and growing problems.
Identity theft is the illegal acquisition of someone else’s personal identification information, such as passwords, private data, personal identification numbers (PINs), or security tokens (Jamieson et al., 2012). Identity fraud involves an individual using information gathered via identity theft or illicitly attempting to use someone else’s personal identification information for the purpose of impersonating the victim to commit or attempt to commit criminal acts or achieve personal financial gain (Jamieson et al., 2012). According to the Identity Theft Resource Center (ITRC, 2017), in 2016, there were 1,093 data breaches in the United States, which represented a significant increase of 40% from the 780 data breaches reported in 2015. These breaches exposed more than 36 million records and included information such as Social Security Numbers (SSNs), health reports, drivers’ license numbers, passport numbers, addresses, credit and debit card numbers, and bank statements.
Identity theft and fraud can hurt targeted individuals through lost life savings, damaged credit, denied loans, and other serious consequences, such as being liable for debts that are unknown to victims or being incarcerated for crimes caused by identity thieves (Identity Theft, 2000). To safeguard consumers’ personally identifiable information (PII), legislators and Congress have passed bills to tackle issues surrounding identity theft and fraud, including the Identity Theft Penalty Enhancement Act (ITPEA) of 2004, the Gramm-Leach-Bliley Act (GLBA) of 1999, and the REAL Identification (ID) Act of 2005 (U.S. Department of Justice [DOJ], 2010). The ITPEA specified punishments for identity thieves who use someone else’s identification information to carry out criminal acts (DOJ, 2010). Under the GLBA privacy act, financial institutions must comply with several requirements, including the mandatory use of
security safeguards to protect consumer data from unauthorized disclosure, access, misuse, loss, or alteration (GLBA, 1999). With the Real ID ACT Enhanced Driver’s License (EDL) and Enhanced Identification (EID) Card acts, individuals planning to travel by air or to enter any federal agency, including U.S. military facilities, must have an EDL or EID for identity verification (Real ID Act, 2005; U.S. Department of Homeland Security [DHS], 2016b).
According to the DHS (2015), EDL and EID cards will have “a Radio Frequency Identification (RFID) chip that will signal a secure system to pull up your biographic and biometric data . . . and a Machine Readable Zone (MRZ) or barcode that the federal official can read electronically if RFID isn’t available” (para. 4). Federal employees and contractors use similar technology throughout the government, called a Smart Card (SC). For example, all Department of Defense (DoD) employees, contractors, and soldiers are required to use a Common Access Card (CAC) in order to access physical, logical, and network DoD resources (DoD, 2014). This identification (ID) card issued by the federal government to its personnel is capable of verifying and confirming the cardholder's identity; storing information about the user; authenticating, recording, and tracing the user’s operations; and verifying ID holder privileges to authorize their physical and logical access to systems and data (Draper, Prenzler, & Ritchie, 2012).
CAC technology provides a more rigorous way to confirm and validate the cardholder’s identity, as it is used in conjunction with a personal identification number (PIN), public key infrastructure (PKI) authentication tools, personal identity verification (PIV) certificates, and biometric technology (DoD, 2014). Li, Lu, X. Yang, and Y. Yang (2015) suggested that combined SC and biometric (BIO) technology could provide strong verification and validation of the cardholder’s identity. This convergence appears to be a promising way to deter identity theft and fraud, as SC and BIO technology can provide robust data security, validated and verified access, and sturdy protection against exploitation, alteration, and forgery (Li et al., 2015b).
While promising, in the United States, to date, combined biometric and smart card technology (CBIOSCT) in existing forms of personal identification has not been extended beyond required federal government agencies to the private and commercial sector, all government agencies, or nongovernmental organizations. So far, there is limited research on the factors associated with the U.S. public’s willingness to adopt CBIOSCT for identity verification in a voluntary setting.
Businesses and governments around the world do their best to acquire the most modern technology in order to boost organizational efficiency and productivity and enhance the safety and well being of the population. Today, technology is not only considered to be a tool for disseminating knowledge (Franks, Krause, & Lynch, 2017), but also as an instrument to tackle changing threats (Calhoun, 2016). However, a vital prerequisite for technology-based inventions and services attaining their full operational capability is to encourage individuals to adopt and enjoy using the technology. According to Brown, Emami, and Smith (2016), the failure of integration of technologies, such as biometrics, is frequently reliant on people’s willingness to adopt and use the technology. Consequently, the comprehension of technology acceptance is crucial, because the demand for biometric technology to deliver reliable and high-performance solutions is rising at a rapid pace in both public and private sectors (Byun & Byun, 2013).
The use of CBIOSCT has vastly expanded around the world. The applications of this technology include identity verification and validation, banking, storage and data management, access control, mobile communications, public transport payment, and security (Sweta, 2015). Smart cards with biometric technology have an embedded microchip that can store and process large amounts of data (Ching-Wei, Yen, & Yu-Bing, 2015). According to Li et al. (2015a), a combined biometric smart card (CBIOSC) offers a safe and convenient authentication or identification of a person, since CBIOSC is difficult to forge. In countries such as Argentina, Belgium, Brazil, Germany, Portugal, and the United Kingdom, the key driving forces for the inclusion of chips in their national ID cards were national security, fraud and crime protection, prevention of counterfeit identification, and increasing effectiveness of government services for their citizens (Council of the European Union, 2010; Fascendini & Roveri, 2014; Federal Public Service for Information and Communication Technology [FEDICT], 2012; Soares, 2011).
In the United States, numerous bills have been introduced in Congress in the midst of concerns about identity crimes. One bill proposed a social security SC with BIO technology (Social Security Identity Theft Prevention Act, 2008). The Real ID Act (2005) implements CBIOSCT for drivers’ licenses and state ID cards to increase homeland security. Another bill would mandate a Medicare SC with BIO identifiers to minimize fraud and enhance protection and privacy (Medicare Common Access Card Act, 2015). The U.S. Government Accountability Office (GAO, 2016) conducted a thorough review of hundreds of healthcare fraud cases and found that smart cards are a pioneering solution to avert fraud.
Although the aforementioned factors may still constitute significant barriers that must be taken into account when deploying CBIOSCT, the proposed technology implemented in existing forms of personal identification in the United States could, in theory, bring important benefits to the public and organizations. Such benefits include providing a more reliable, robust, and safe form of identification to deter identity fraud and identity theft crimes (Brown et al., 2016). In this context, the aim of this investigation is to analyze the factors influencing the U.S. public’s intent to adopt CBIOSCT in current forms of identification in order to prevent identity theft and identity fraud.
CS 340 Milestone One Guidelines and Rubric Overview: For this assignment, you will implement the fundamental operations of create, read, update,
Retail Transaction Programming Project Project Requirements: Develop a program to emulate a purchase transaction at a retail store. This
7COM1028 Secure Systems Programming Referral Coursework: Secure
Create a GUI program that:Accepts the following from a user:Item NameItem QuantityItem PriceAllows the user to create a file to store the sales receip
CS 340 Final Project Guidelines and Rubric Overview The final project will encompass developing a web service using a software stack and impleme
