Al-Qaeda may be stealing your ID: stolen credit cards and purloined Social Security numbers, fake passports and forged documents—all have become weapons of war for terrorists

0 Comments | Insight on the News, August 26, 2002 | by Sheila R. Cherry

Little wonder the Stevenses are suspicious of those asking for expanded verification databases. They suggest instead that a bit more diligence might be encouraged when Social Security cards are presented. Stevens listened cordially as he shared the witness table with the federal experts and industry analysts expounding elaborate plans for biometric identifiers and authentication technology. He then quietly pointed out one low-tech verifier that he said would be effective in deterring SSN fraud: a simple understanding of the SSN itself.

According to the SSA, the first three digits of every Social Security number denote the area or ZIP code in the state where the application was filed. Prior to 1973, SSNs were assigned by field offices and the number reflected the state where the card was issued, starting with the lower numbers in the East and increasing geographically westward. A question or two about where the SSN was obtained might be a good place for a banker or retailer to start.

But it is the middle two digits that could be most helpful in authenticating a Social Security cardholder. These follow the geographically based three-digit area number. SSA officials point out that, for administrative reasons, the two middle digits are not assigned in a sequential order within a geographical area. The group numbers are given first in odd-numbered pairs "01" up to "09," then they switch to even-numbered pairs "10" up to "98." Once exhausted, the pair order reverses, starting with even-numbered pairs "02" through "08" before reverting to odd-numbered pairs of digits from "11" to "99." All the while the group numbers are followed by another set of four-digit serial numbers.

It sounds complicated, but SSA publishes on its Website a monthly issuance table that lists the highest area and group numbers assigned in a given region. So, John Stevens explains, a 20-year-old with low SSN middle digits that might match the chronological assignment pattern for someone much older who lives in the region should be fairly easy to verify by a utility company, bank or creditor, as would an SSN that is too high to be valid. And for that the only technology needed would be access to the Internet.

Meanwhile, Sen. Larry Craig of Idaho, the ranking Republican of the Senate Special Committee on Aging, is cosponsoring legislation with Sens. Dianne Feinstein (D-Calif), Jon Kyl (R-Ariz.), Jeff Sessions (R-Ala.) and Chuck Grassley (R-Iowa) to toughen penalties for aggravated identity theft. Presiding over a hearing on the impact of identity theft on the elderly, Craig pointed out that more than 700,000 Americans each year are victimized by identity theft. He calls this crime, which uses the good credit and careful spending of the targets to destroy their independence and security, a particularly insidious crime.

According to Lormel, the threat is made more serious by the fact that terrorists have become experts at identity theft and SSN fraud to enable them to obtain cover employment and access to secure locations. There is virtually no means of obtaining identification that has not at some level been exploited by these groups, he says.