1

Contents

1. Introduction ......................................................................................................................... 2
2. Background and principles .................................................. Error! Bookmark not defined.
3. Information gathering ........................................................................................................ 4
4. Solutions ............................................................................................................................... 5
5. Comprehensive frameworks .............................................................................................. 5
5.1 Wang framework .......................................................................................................... 5
6. Fingerprint Biometric Recognition ........................................................................................ 6
7. Future challenges ................................................................................................................ 7
8. Conclusion ........................................................................................................................... 8
9. Biblography ......................................................................................................................... 8


2


1. Introduction:
Identity theft has become a main problem in the recent years. This type of crime has grown
and rapidly spread around the globe. According to the Internet Crime Compliant Center, the
Identity Theft crime took the second place as the most reported offence after FBI-related
scams, and it was one of the top five reported crimes, with a percentage of 28,915 (IC3,
2011). Hence, to protect the personal data stored in the Cyber Space against such a crime
would require implementing the best practice in terms of security countermeasures. This would
effectively make it difficult for the criminals carry out a successful attack which in turn will
reduce the ID Theft crime rate. (Javelinstrategy.com, 2012)

To bring the Identity Theft problem into the light, it would be imperative for the researcher to
present the fact with relevant statistics. It is worth mentioning that most of the misuse crimes
are taking place in the Insurance Filed with an approximate percentage of 22% of total typical
misuses of identity theft. While the loan fraud represents 4% of the total frauds, it occupies
the least typical misuse percentage (Federal, 2011).
Having given a brief introduction about the ID theft, it would be informative to provide a
background demonstrating the issue as misuses of the Identity and gathering information.
Then, the approaches encountered for identity theft would be introduced. A discussion and
analysis of the solutions that can be proposed to prevent identity theft is next proposed.
Finally, some future challenges in regards to the problem are discussed.

2. Background and Principles:
Identity theft is When an impostor co-opts your name, your Social Insurance number (SIN),
your credit card number, or some other piece of your personal information for their use -
short when someone appropriates your personal information without your knowledge - it's a
crime, pure and simple. (CIPPIC, 2007). Generally, the principle of Identity theft could be
described in the next figure. It illustrates the diverse components that are present in it. The
marked groups inside the figure describe the method of collecting the information using the
internet (CIPPIC, 2007).
3


Figure 1 - Definitional Model of Identity Theft (CIPPIC, 2007)

3. Information Gathering:
From (Figure 1), it can be seen that the information gathering is divided into three major
methods. First one is Collecting the information about the username and password or some
personal information. Some of this information could be available for the public, such as
phone directories. Also, the technology can be used to gather information like hacking,
skimming, etc. The creation of fictitious ID or Manipulation of one's own ID is the second
type, the wrong identity may be used to gather information from previous points and the
counterfeiting or trafficking conspiracy can be occurred. The last major type is Crimes
enabled by false identity: These crimes are related to the previous types. The type of crimes
could be offline crimes, such as: smuggling, prohibited trade, etc.. Also, it can be online
crimes such as credit card , etc. (Younes, 2010)

There are many methods that can be used to gather information about the user. The most
common methods are (Finklea,2012):

Off-line and online sources: Using the Social Networking Sites, Directories etc., that
give an easy way to collect information about the victim.
Spamming and Phishing: The deceived emails are sent to the public randomly in to
looking for information. Almost, the user helps the theif by giving him personal
information.
Typosquatting: This method depends on designing a fake website with similar views to
deceive the user and sniff the username and the password(Finklea,2012).
4

The use of the information that thefts gathered can lead the victims to many problems and be
devastating by causing financial harm when making victims suffer direct by using their credit
or debit cards or creating new accounts, and also causing nonfinancial harms like damage
victims credit standing and general standing in their communications businesses. This problem
will possibly grow every year as technology grows as everyone now using technology
everywhere. Investigators and prosecutors must do the same to combat the problem.
(Youreviltwin.net, 2008).

4. Solutions (Avoidance):
In order to reduce tha personl security related information being stolen certain
steps needs to be taken such as;
Awareness: should be published alerts for users of the Internet, especially, whom use
the social networking sites and increase awareness of spam messages.Also, activate
the culture of non-dissemination of personal information that may be vulnerable to
exploitation by hackers(Finklea,2012).
Updated security fixes and patches: Many attacks can be avoided by update patches
and security fixes. The updating should be regularly to provide additional security.
Real time monitoring of antivirus: The monitoring activities in the real time can
restrict the collecting information. However, not all antivirus softwares apply it in
enough time(Finklea,2012).
Be Proactive: By using alerts and notifications that provides as a service from
companies. (Javelinstrategy.com, 2012)
Ensuring Application Authentication: To authorize to the user that the application is
dependable. (Technology Background, 2004).

5. Comprehensive Frameworks:
Furthermore, there are many framework concern in combating the identity theft. There are two
frameworks that provide such comprehensive solutions. They are Wang et al.'s contextual
framework and the Zachmans framework (Canadian Internet Policy and Public Interest
Clinic, 2007).

5.1 Wang's contextual:
For combating identity theft, it should defines the most important stakeholders involved who
are define as part of identity theft. The above diagram shows the framework with the
interactions and the information flows between the various stakeholders such as Identity
protector, identity checker, identity issuer, identity owner and identity thief. The Red lines
indicate the actions taken by identity thieves/abusers, while the Green arrows indicate
activities carried out by other stakeholders which turn out to be a part of identity theft. Solution
5

providers can use the framework to determine the roles of various stakeholders as well as the
analysis the relationships and interactions between these entities in order to combat identity
theft. (Wang and Yuan, 2006).

Figure 3: Wang and Yuan framework (Wang and Yuan, 2006)
From the preceding diagram, it may be seen that the identity thief could abuse the owner
information by attacking the identity checker to avoid detection in order to escape from being
prosecuted. Moreover, he can attack the issuer and fake certificates, signatures and any other
certifications. It is worth mentioning that this framework concentrate on the managerial and
legislative solutions for the such complicated issue. Consequently, this issue needs to be
taken into the consideration for accountability and responsibility and how the identity
attacker can abuse these roles. (Wang and Yuan, 2006).
6. FINGERPRINT BIOMETRIC SYSTEM
To verify the identity of the person various authentication technologies are used however in
this section we will see how fingerprint recognition can be used to prevent Identity theft or
fraud considering the fact that each person has distinct fingerprint as well unlike a password
or personal identification number (pin), fingerprints cannot be forgotten, lost, or stolen.
Because of flexible deployment in any kind of system, ease of use and the cost effectiveness
6

as compare to other Biometric authentication methods such as Iris and Face rcognition
makes it most widely used and successful technology.(Maio and Jain)

A human fingerprint comprises several crests/ridges which are the outer skin layer slices of
the finger and valleys are internal skin layer slices. The crests form so-called minutia points,
and the array of valleys and minutiae points are used to determine the uniqueness of the
fingerprints.The key machineries used to intake the fingerprint image with adequate detail
are optical, silicon and ultrasound. The main algorithm types to determine and identify the
fingerprints are:(Kumar and Ryu; Maio and Jain)

1. The three simple patterns of fingerprint crests are the arch, loop, and whorl. Pattern
matching checks and compares the complete details of the fingerprints, not only individual
points. Fingerprint details can comprise sub-areas of definite interest including crest
thickness, curving, or density.
2. Minutia features: The key Minutia features of fingerprint crests are: crests ending,
divergence, and squat ridge. The crests ending is the part where a crest ends. Minutia
matching approach checks specific details and compare them within the fingerprint crests.
The minutia points are situated on the registration, along with their relevant locations and
directions. At this point, the fingerprint image is analysed to locate its minutia points and
then compared against the registered template.

Two types of sensors are used to take input fingerprints, one is optical sensor which uses
prism or hologram and second is non-optical sensor which uses semiconductor. Optical
sensors work on the principal of frustrated total internal reflection (FTIR), the aquisation of
image is done by pressing the object finger on a lense and light source. When finger is
placed on the glass (see figure1), the light falling on the ridges of finger is reflected through
the prism and is captured by CCD array while the valleys are detached from it.(Jain,
Prabhakar and Ross,1999) while the Non optical Semiconductor based Fingerprint
Recognition Sensor measures the electrostatic capacity between sensor surface and skin, and
translates it into an image.



Figure1: Principle of Absorption in Fingerprint Sensor(RFlogics,2007)

7

One of the shortcoming of the fingerprint system is that the tip area of the finger is relatively
small to measure, and the crest shapes can be affected by dirt, or cuts. To obtain perfect
images of typical fingerprint crests and minutiae is considered to be complicated.

6.1 Advantages
Some of the advantages of the Fingerprint System are:
Cost-effective and cheap to implement
Relatively small in size
Difficult to interfere
Simple and relatively easy to use

6.2 Disadvantages
As many other systems, the Fingerprint Biometric System has its disadvantages.
Some of these disadvantages include, but does not limited to are;
Susceptible to noise and misrepresentation caused by cuts or dirt.
Individuals with amputated or damaged fingers cannot use it

7. Future challenges:
Due to the large use of online social sites and services, the fear of identity theft will increase.
But it is unlikely that the technology will be changed completely during the next fifteen
years. Along with public policy in the future need to take into account some of these
expansions of personal identity in the world of technologically enhanced to keep the
identities, and to deal rapidly with all the developments that occur in people's lives (Bostrom
and Sandberg,2011).

8. Conclusion:
To sumup, Identity thefts have key impacts on the society in terms of finance, credibility,
and privacy. It is imperative to implement sufficient countermeasure to curb such a crime,
and there are different approaches to do so. Selecting the right countermeasures would vary
from case to another, depending on the situation of each case. One of those approaches is the
fingerprint recognition in biometrics which is considered to be efficient, cost-effective, as we
as easy to use.
8

9. Bibliography:

CA Technologies (NASDAQ: CA). (2011). Advanced Authentication Methods: Software
Vs Hardware.
Canadian Internet Policy and Public Interest Clinic. (2007). Identity Theft: Introduction
and Background. CIPPIC Working Paper No. 1 (ID Theft Series).

Finklea, K. (2012). Identity Theft: Trends and Issues. Congressional Research Service
CRS Report for Congress, R40599.

Javelinstrategy.com. 2012. Javelin Strategy - More Than 12 Million Identity Fraud Victims in
2012 According to Latest Javelin Strategy & Research Report. [online] Available at:
https://www.javelinstrategy.com/news/1387/92/1 [Accessed: 28 Jul 2013].
Jain, Anil K, Salil Prabhakar, and Arun Ross. 'Fingerprint Matching: Data Acquisition and Performance
Evaluation.' Dept. of Computer Science, Michigan State Univ., East Lansing, Tech. Rep. MSU-
CPS-9914 (1999)
A Brief Introduction of Biometrics and Fingerprint Payment Technology. Future Generation
Communication and Networking Symposia, 2008. FGCNS'08. Second International
Conference on. 2008. IEEE

Maio, Dario, and Anil K Jain. Handbook of Fingerprint Recognition. springer, 2009.
Mears, J. (2011). The Future of Biometrics: Realizing the Promise. Keynote speech to
Biometrics Consortium Conference. Tampa, FL.: Lockheed Martin Corporation.
http://www.rflogicsinc.com/Technology/Fingerprint_recognition.htm[Accessed: 08/18/2013].
Smith, S. 2012. How Thieves Steal Your Identity. The PC Mechanic's Headlines, [blog]
January 15, Available at: http://www.pctecmech.com/blog/How-Thieves-Steal-Your-
Identity.php [Accessed: 7/29/2013].
Technology Background. 2004. Enhancing One-Time Passwords for Protection Against
Real-Time Phishing Attacks. Technology Backgrounder. [report] RSA Security Inc., p.10.
Tschinkel, B., Esantsi, B. and Iacovelli, D. 2012. "Proceedings of Student-Faculty Research
Day", paper presented at Keystroke Biometric Intrusion Detection, White Plains, May 4. NY:
Pace University Seidenberg School of CSIS,, p. 8.
Olzak, T. (2008). Key stroke Logging (Key Logging). Erudio Security, LLC.
Schlenker, A., & Sarek, M. (2012). Behavioural Biometrics for Multi-Factor Authentication
in Biomedicine. EJBI, Volume 8 , Issue 5.

Wang W. and Yuan Y. (2006), A Contextual Framework for Combating Identity
Theft IEEE SECURITY & PRIVACY 1540-7993/06

Yampolskiy, R. (2008). Behavioural biometrics: a survey and classification. Int. J.
Biometrics, Vol. 1, No. 1,.
9


Younes, W. (2010). Identity Theft. Pittsburgh: Carnegie Mellon University.

Youreviltwin.net. 2008. Identity Theft: The Scope of the Problem. [online] Available at:
http://www.youreviltwin.net/identity-theft-scope-of-problem.html [Accessed: 28 Jul 2013].