After 9/11, the US revamped passports and passed the Real ID Act attempting to require states (many have balked) to enhance supposed security measures to prevent fraudulently obtaining identification. And a report issued last week by the Government Accountability Office informs us that after billions spent on security "upgrades," the feds still fail to detect most actually fraudulent attempts to obtain a passport. According to the report summary:
GAO was asked to perform additional proactive testing of State's passport issuance process to determine if it continues to be vulnerable to fraud. To do this work, GAO applied for seven U.S. passports using counterfeit or fraudulently obtained documents, such as driver's licenses and birth certificates, to simulate scenarios based on identity theft. GAO created documents for seven fictitious or deceased individuals using off-the-shelf, commercially available hardware, software, and materials. Undercover investigators applied for passports at six U.S. Postal Service locations and one State-run passport office.I find that extraordinary. Next month will be nine years out from 9/11 and if these examples are typical, it's just as easy to get a fraudulent passport today as it was years ago before supposed reforms. There's been so much focus on improving passport security - like installing RFIDS in passports that hackers almost immediately copied - that the notion that it's still this easy to get a fake would be laughable if from a taxpayers' perspective it weren't so angering.
State's passport issuance process continues to be vulnerable to fraud, as the agency issued five of the seven passports GAO attempted to fraudulently obtain. While there were multiple indicators of fraud and identity theft in each application, State identified only two as fraudulent during its adjudication process and mailed five genuine U.S. passports to undercover GAO mailboxes. ... GAO's tests show that State does not consistently use data verification and counterfeit detection techniques in its passport issuance process. Of the five passports it issued, State did not recognize discrepancies and suspicious indicators within each application.
Several takeaways here: 1) It's a lot harder to discover intentional fraud than grandstanding politicians seem to grasp, 2) expensive tech can't substitute for competent human evaluation, and 3) even "gold standard" identity documents mainly regulate the law abiding, while dishonesty, corruption and incompetence will always exist and be subject to manipulation in any security apparatus, no matter how much money and resources you throw at it.
See the full report (pdf).