How do you establish identity when people can change their appearance at will?
Building on the universe established in this question, what happens to identity verification when someone's physical appearance and genetic code are modifiable at any time?
Review of universe rules:
- All genetic disorders have been eliminated. Children are tested at birth for disorders and those disorders are eliminated. Eugenics doesn't play a role here as every outward attribute is maleable.
- Genetic manipulation is cheap, ubiquitous, and perfect (no side-effects or unintentional changes).
- Genomes are cheap to sequence ($10/genome).
- Gene treatments are capable of manipulating every single characteristics of a person's body, including but not limited to, hair color, eye color, skin color, facial structure, body fat distribution, height, musculature, sex.
- Near-future (max 2025) technology levels. (Admittedly, genetic manipulation of this kind is probably not going to be available in the next 10 years, but just go with it.)
- Genetic manipulations are highly regulated with perfect enforcement of regulations by a global regulatory body. This doesn't preclude people from making illegal genetic changes, just the assurance that they will be caught and the changes reverted.
- Manipulation of the brain or brain chemistry is strictly prohibited. (Sorry, schizophrenics, your time will come.)
Additional rules:
- While the treatments are very monetarily cheap for all possible manipulations, the changes themselves can be painful and lengthy. For example, adding two inches to your height would require time off your feet and some painkillers as your bones, tendons and muscles reform themselves to the new genetic blueprint.
- Genetic privacy is tightly regulated with long court histories protecting a person's genome; think European privacy laws only with stronger penalties and tighter enforcement.
To establish a user's identity, three different components may be used, something the user has (such as a credit card), something the user knows (PIN to a credit card) or something permanently attached to the user (fingerprints or facial recognition). Strong authentication or two factor authentication relies on having two of the three identification components.
With this new gene manipulation technology, biometric authentication no longer works the way it did. Looking at someone's picture on a drivers license or taking fingerprints no longer unequivocally establishes someone's identity.
What kind of technological and/or regulatory solution(s) might be used to ensure that a person's identity can be verified with 99.99999% accuracy? (At this degree of accuracy, a misidentification will occur once in every million identification attempts) Broader changes to society as a result of amorphous physical identities are outside the scope of this question.
3 answers
Short, easy-to-read gene tags.
Since all modifications are reliably policed, you can require that every modification includes a short, non-coding DNA sequence containing the recipient's legal identity. For good measure they could add the date, the serial number of the clinic, and maybe a regulator-provided hash for security. It could be done in less than a hundred DNA bases unless you want a really long hash.
How quickly and cheaply the tag can be read depends on the nature of your "extremely cheap and fast" sequencing technology. Whatever it is, you don't need to read the entire genome. The tag could have a standard sequence at each end for PCR amplification, and if that isn't enough you could use multiple copies or put the one copy at a standard point in the genome. Some current instruments do parallel sequencing to keep the total time down, so it's conceivable that your advanced sequencer might take as long to read a short tag as to read the entire genome, but not likely.
I suggest a testing station in every town where people go to have their identity verified every time they renew passports, driving licences etc. These documents (as now) include a recent photograph, with the requirement that it be renewed if a significant change is made to the person's appearance. If someone gets a "new" face coded, they might have to update their documents a couple of times while it grows to shape, adding to the cost of the treatment. If the testing is fast enough, airports can be equipped to compare people's current DNA to their passports before they fly.
The extreme version would be a cheap portable device that grabs a few skin cells and reads out the identity a few seconds later, negating the need for other documents, but that would raise several privacy issues. It would also be open to abuse - gloves impregnated with someone else's DNA, dodgy practitioners modifying only the skin of the hands...
Non-modified individuals can be IDed in traditional ways, but as you're reading DNA anyway, any known highly-variable region could be recorded and used as ID. Since illegal changes are always reverted, it might be that the authorities already keep a record of each individual's original genome - how else would they know?
0 comment threads
Since manipulation of the brain is prohibited and illegal modifications are assumed to be reliably caught, the obvious way to check someone's identity with biometry would be by checking their brain.
One thing I could imagine is that there are recognisable patterns in the EEG that allow identification. These could be either patterns that are permanently found, or patterns that are the result of specific stimulation.
Therefore the biometric identification process could involve using an EEG cap, and for example watching the response of the brain to specific sound patterns played over your headphones.
Obviously the “something you know” and “something you have” components would not be affected by genetic manipulation, however I could imagine that the “something you know” component could take advantage of the EEG cap as well, by reading directly from your mind if you recognise certain things presented to you. Since that way you don't provide any visible evidence of what you know and what not, that method would be reasonably secure from physical eavesdropping.
0 comment threads
One obvious answer is RFID tag microchip implants, for example attached to the ear at birth, at the same time as someone is given their personal credentials. The body can change but the chip will remain the same. This technology is already available today, used on pets and livestock etc.
There are of course many practical problems with this: is the encryption safe enough, data retention, will the tag need to be repeatedly replaced, what if someone cuts off their ear etc.
In addition to this tag, perhaps the "personal credential numbers" (social security number or whatever it is called in the specific nation) are only known to the person and the authorities, not the public.
To authenticate someone's identity, you could ask for the person's name, number, date of birth and the RFID chip itself.
2 comment threads