DMV Identity Verification Faulted

As authorities investigate the potential use of fake identification in the recent terrorist attacks, a state audit released Thursday said the California Department of Motor Vehicles lacks the technology to use fingerprint matches to verify the identity of driver’s license and identification card applicants.

Without the technology, DMV officials are handicapped in their ability to guard against someone assuming the identity of another person whose fingerprints already are on file.

Law enforcement officials believe three of the hijackers involved in the Sept. 11 attacks illegally obtained identification cards in Virginia by paying a group of men to swear that the hijackers were state residents.

Authorities believe the hijackers sought the ID cards to simplify their airport check-in for the doomed flights.

In California, the state auditor’s report said that a recent DMV effort to combat identity fraud suffers from “a major weakness” because the agency does not have the computer system needed to match fingerprints collected by the department over the past 20 years.

Although most major law enforcement agencies have such fingerprint matching technology, DMV officials said they don’t believe any other state motor vehicle department has such technology.

In the aftermath of the terrorist attacks in New York, Virginia and Pennsylvania, State Auditor M. Elaine Howle said it is critical that the DMV upgrade its fraud detection efforts.

“In light of what has occurred, the importance of what the DMV does . . . is certainly heightened,” she said in an interview.

The DMV, which issued about 8 million driver’s licenses and identification cards last year, has during the past year launched a widespread anti-fraud effort in response to growing complaints about identity theft.

But the audit found the efforts “have room for improvements.”

In a letter to Howle, DMV officials acknowledged several problems with anti-fraud efforts and vowed to address those deficiencies in the next few months.

In an interview, DMV Director Steven Gourley said his agency has already begun to implement many of the audit’s recommendations.

“We were doing it well before it was fashionable,” he said.

But Gourley points out that the Legislature rejected a request in the governor’s recent annual budget to spend $7.7 million for a computerized fingerprint matching system.

He said he will continue to press for the funding to buy the matching system and improve the department’s overall anti-fraud system.

Gourley said the terrorist attacks have increased scrutiny on the problem of identity theft.

But he added: “We’ve been working on this problem for a long time and we continue to work on it just as hard as before Sept. 11.”

The state audit was requested months before the terrorists struck by a joint audit committee attempting to gauge the DMV’s ability to detect and prevent identification fraud.

The DMV can take a computerized fingerprint image of every person who applies for a driver’s license or identification card.

Those images are taken when an applicant at a DMV office is asked to press a thumb on a camera sensor that is connected to a central computer.

But the audit noted that the DMV does not have the technology--known as biometrics--to match those computerized prints with the millions of prints the department has on file.

Without the ability to match fingerprints by computer, Howle said, the DMV cannot definitively tell whether an applicant already has a license or an identification card under a different name.

DMV officials agree that the computerized matching system is needed, but note that the department has already added new security measures that require DMV employees to verify the Social Security numbers provided by driver license applicants with the Social Security Administration.

The DMV currently tries to match the photographs in DMV records to photos of people applying for new or duplicate licenses.

But the audit suggested that the DMV require at least two DMV employees to match such photographs to reduce the risk of employees’ helping applicants to fraudulently get licenses or identification cards.

Gourley said the DMV agrees with that recommendation and has already begun to require two employees to verify photo matches.

But Gourley challenged the auditor’s suggestion that the DMV does not provide enough proof that its anti-fraud efforts are working.

In a written response to the audit, DMV officials said they have created a way to measure the effectiveness of the new anti-fraud efforts.

But in an interview, Gourley said it is nearly impossible to prove that the DMV’s efforts have deterred criminals from trying to obtain illegal licenses and identification cards.

“How do we measure the people who don’t show up any more because they know we are going to check their photos?” he asked.