TR-05-12: On Identity Theft and a Countermeasure based on Digital Uniqueness and Location Cross-Checking

Abstract

Abstract: We define identity theft as the unauthorized use and exploitation of another individual’s identity-corroborating information. Published research proposing technical countermeasures is sparse, in contrast to a number of recent proposals to address the sub-problem of phishing. We first identify some underlying problems facilitating identity theft. To address identity theft and the use of stolen or forged credentials, we propose an authentication architecture and system combining a physical location cross-check, a method for assuring uniqueness of location claims, and a centralized verification process. We provide two example protocol implementations of this system, for two representative applications. We believe that this system merits consideration for practical use, and will stimulate further technical solutions to the broad problem of identity theft.