U.S. flag

An official website of the United States government, Department of Justice.

Identification Systems: A Risk Assessment Framework

NCJ Number
Russell G. Smith
Date Published
September 2006
6 pages
This paper provides a framework for evaluating three principal approaches to identifying people for government and business purposes in Australia.
In deciding whether to implement different types of personal identification systems, policymakers need to ensure that the new technology achieves its intended security aims and does not make matters worse. There is also the need to balance the evidence that exists in support of and against any given system in relation to each of the various considerations outlined. Policymakers should avoid relying solely on technical performance. It is only one criterion which can be measured in a wide range of ways. Identifying people with certainty is both time consuming and costly for public and private sector organizations. In addition, failure to have effective means of identification creates opportunities for criminal activity. Three approaches in identifying people for government and business purposes are the 100 point system operated throughout Australia, biometric technology, and identity cards. Each system involves the use of two processes: the enrollment and matching. The ways in which these three systems can be evaluated differ depending on the particular type of technology and security measures used, as well as the purpose for which the system is being used (either identification or surveillance). This paper provides a framework for assessing the competing factors that decisionmakers need to address when determining the effectiveness and efficiency of any proposed identity checking system. Ten group factors are identified, against which each system can be assessed: enrollment, matching, efficiency, data security, spoofing (counterfeiting), privacy, user acceptance, rectification, cost, and displacement. Table, references