No, you don’t have to be a citizen to get a REAL ID.
But your REAL ID is tied to your authorization to be in the United States, and expires on the same date as your authorization to be here.
Well, that’s how it’s supposed to work.
In California, the date calculations (based upon 2006 legacy code) were screwed up for 300,000 legal residents.
“The error overrode the correct expiration date, which should have matched the end of the cardholder’s authorized stay in the United States. Under federal rules, immigrants with legal status — including permanent residents, green card holders and visa holders — are eligible for REAL IDs, but the cards’ expiration dates must align with the length of their authorized stay.”
Except when they don’t.
And for those who believe that granting REAL IDs to non-citizens is an example of California breaking the law:
The DHS approved California’s REAL IDs in April 2019 under President Trump.
“If you’re not a U.S. citizen, you must apply in person at a state driver exam station and provide a U.S. Citizenship and Immigration document proving your lawful status in the U.S.”
Francesco Fabbrocino of Dunmor presented at today’s SoCal Tech Forum at FoundrSpace in Rancho Cucamonga, California. His topic? Technology in FinTech/Fraud Detection. I covered his entire presentation in a running LinkedIn post, but I’d like to focus on one portion here—and my caveat to one of his five rules of fraud detection. (Four-letter word warning.)
The five rules
In the style of Fight Club, Fabbrocino listed his five rules of fraud detection:
1. Nearly all fraud is based on impersonation.
2. Never expose your fraud prevention techniques.
3. Preventing fraud usually increases friction.
4. Fraud prevention is a business strategy.
5. Whatever you do, fraudsters will adapt to it.
All good points. But I want to dig into rule 2, which is valid…to a point.
Rule 2
If the fraudster presents three different identity verification or authentication factors, and one of them fails, there’s no need to tell the fraudster which one failed. Bad password? Don’t volunteer that information.
In fact, under certain circumstances you may not have to reveal the failure at all. If you are certain this is a fraud attempt, let the fraudster believe that the transaction (such as a wire transfer) was successful. The fraudster will learn the truth soon enough: if not in this fraud attempt, perhaps in the next one.
But “never” is a strong word, and there are some times when you MUST expose your fraud prevention techniques. Let me provide an example.
Biometric time cards
One common type of fraud is time card fraud, in which an employee claims to start work at 8:00, even though he didn’t show up for work until 8:15. How do you fool the time clock? By buddy punching, where your friend inserts your time card into the time clock precisely at 8, even though you’re not present.
Enter biometric time clocks, in which a worker must use their finger, palm, face, iris, or voice to punch in and out. It’s very hard for your buddy to have your biometric, so this decreases time clock fraud significantly.
And you fail to inform the employees of the purpose for collecting biometrics, and obtain the employees’ explicit consent to collect biometrics for this purpose.
In a case like this, or a case in a jurisdiction governed by some other privacy law, you HAVE to “expose” that you are using an individual’s biometrics as a fraud prevention techniques.
But if there’s no law to the contrary, obfuscate at will.
Communicating your anti-fraud solution
Now there are a number of companies that fight the many types of fraud that Fabbrocino mentioned. But these companies need to ensure that their prospects and clients understand the benefits of their anti-fraud solutions.
That’s where Bredemarket can help.
As a product marketing consultant, I help identity, biometric, and technology firms market their products to their end clients.
And I can help your firm also.
Read about Bredemarket’s content for tech marketers and book a free meeting with me to discuss your needs.
This has been a long-standing favorite of mine, from the old days before everyone used artificial intelligence to create their own robots. (Or lovers.)
I was messaged on LinkedIn by Jenniffer Martinez, purportedly from HS Hyosung USA. She wanted my email address to send information about a job opportunity.
Why?
“After reviewing your resume and relevant experience, we believe your management experience, professional background, and career stability are a strong match for Yaskawa Group’s current talent needs.”
(Only now did I notice the reference to Yaskawa Group, whatever it is.)
Eventually I told “Jenniffer” that I had contacted her employer directly.
By 11:30 she had deleted her entire conversation, which is why I took screen shots immediately.
And I never even got around to asking her for HER corporate email address.
No word from HS Hyosung USA, but it knows all about Jenniffer now (see final screen shot).
Bredemarket works with a number of technologies, but it’s no secret that my primary focus is biometrics. After all, I call myself the “biometric product marketing expert,” having worked with friction ridge (fingerprint, palm print), face, iris, voice, and rapid DNA.
The biometric product marketing expert in the desert.
If I can help your biometric firm with your content, proposal, or analysis needs, schedule a free meeting with me to discuss how I can help.
Bredemarket 