For anyone involved in the production of a high security identiﬁcation document — whether a driver’s license, national ID, passport or other — the risk of the program is a constant concern. Will the document look good and hold up after years of use? How do we make it affordable? Can we make the document easy to verify yet ensure it will resist deliberate criminal attack?
Determining the right mix of secure technologies to minimize risk can be challenging however, using the QSDC™ framework provides guidance for evaluating key trade-offs in designing a secure identiﬁcation program. This framework articulates a step-by-step process for determining the right mix of quality, security, durability and cost (QSDC).
A high-quality document will be consistent in appearance and closely match all other documents issued in the same ID program. The security features — in particular, the primary portrait — will be crisp and clearly deﬁned to allow easy authentication. Machine-readable features, such as chips, optically readable characters (OCR) and barcodes, will read consistently and accurately. Laminates will have the necessary optical clarity. Overall, a high-quality identity document will look and feel like one. Poor quality leads to variations between documents, which makes simulation easier and veriﬁcation harder.
The security of an ID is a measure of how well it resists deliberate attack. Document attack is either by simulation to produce a counterfeit, or by tampering in an attempt to alter the information within the ID. The security of the document depends upon how difﬁcult it is to simulate or tamper, and also how easily the genuine document may be veriﬁed as being genuine.
The fundamental principle in designing an ID program is layered security and the use of multiple security features (overt, covert and forensic). A single security feature is not capable of defending against all possible threats or enabling quick and confident validating decisions on authenticity. Rather, a network of security features that are clear and intuitive should be layered into every ID.
The durability of an ID deﬁnes its resistance to change. A document is exposed to a variety of environmental hazards during its life, such as light, extreme temperatures and humidity. An ID with high durability will survive the required validity period without signiﬁcant visual change, and without compromise to its performance. The durability features organizations build into their cards need to be resistant to abrasion, chemicals and normal wear and tear — while making cards more secure.
In the real world, issuers face cost constraints due to limited budgets. Consequently, ID issuance departments of governments often have to fight for funds —while keeping an eye toward delivering an optimal system to its population and providing a secure ID at an affordable price.
On the surface, these challenges are apparent. But what is often less obvious is the risk of exacerbating the situation by reducing costs in the wrong areas. Weakening the design or security features of an ID card can result in mass fraud, which requires expensive remedies and potentially a complete overhaul of the issuance program. Saving money by using lower quality components — inks, chips and substrates —can reduce document lifespan, which also drives up costs far more than doing it right from the beginning. The most important factor in implementing a program within budget is to learn from other people’s mistakes. The use of tried and tested best practices helps minimize the chance of unexpected overspending.
BRINGING IT ALL TOGETHER
The QSDC™ framework elements are under constant threat. For an ID to function and survive in the “real world,” it must be threat resistant — achieved by careful design with the QSDC Framework in mind. Materials, components, features, hardware, software, processes, procedures and training must all play a part in delivering an ID document that successfully meets the performance challenges. Using QSDC best practices significantly reduces the risks associated with the issuance of secure ID documents, and optimizes the performance of the program for years to come.