IP: Serious new CALIFORNIA Drivers License ID RISK: [risks] Risks Digest 21.29

[David Farber <dave () farber net>]

> Date: Wed, 21 Mar 2001 16:03:12 -0800
> From: "Peter V. Cornell" <pcornell () nanospace com>
> Subject: Serious new CA Drivers License ID RISK
>
> This is really happening!
>
> Almost exactly one decade ago Chris Hibbert posted a RISKS article
> describing the (then) new California Drivers License (CDL). He gave a
> warning to us all. That little piece is still on server:
>   http://catless.ncl.ac.uk/Risks/11.03.html#subj10
> [and has been updated by Chris since.  PGN]
>
> That warning, given in 1991, has blossomed into a nightmare.
>
> Recently, The California driver license and ID card have been declared as
> PRIMARY IDENTIFICATION DOCUMENTS in this state by the California
> legislature.
>
> http://www.dmv.ca.gov/faq/dlfaq.htm#2504
> http://www.lbl.gov/Workplace/HumanResources/irss/dmv.html
>
> Guess why?  A great convenience for bankers, but enabling serious new ID
> fraud RISKS based on easily obtained fake driver licenses and data.
>
> http://www.fakeidsite.com/
> http://www.photoidcards.com/
> http://www.wdia.com/home-entrypage.htm
> http://www.spyheadquarters.com/
>
> Courtesy of the California legislature, *anyone* who has a fake California
> drivers license with YOUR correct data, but with *his* picture and *his*
> version of your signature, can steal your money in many different ways. For
> example, if he knows your Social Security Number, bank, and account number,
> (easily obtained online or by mail theft) he can walk into any branch office
> and receive cash. Tens of thousands have been stolen from my (no longer
> existent) Wells Fargo accounts.
>
> I must be one of the very first victims of this new kind of identity
> theft. I have been scouring the internet for months and have found no
> mention of it. Of course there are gigabytes of stuff about the old credit
> card scams, alive and still growing, but no mention of use of drivers
> licenses to impersonate bank customers and withdraw cash directly.
>
> With that fake drivers license, that fraudster becomes YOU.  All he need do
> is write a bad check drawn on another bank's bogus name account set up for
> that purpose, with the victim (you) as payee. He then walks into (in my
> case) a Wells Fargo branch and, impersonating the victim, cashes the
> check. When the check bounces, Wells Fargo (probably others, too) simply
> debits the victims account.
>
> The banking industry has arranged the law (California Commercial Code
> Sections 4401-4407 and 3101-3119) to ensure that the customer takes the
> hit. So that, among other conveniences, THE LAW allows banks to rely
> *solely* on the CDL data to confirm the identity of a customer with no risk
> exposure whatsoever. "IF THE CUSTOMER PROVES" means you must sue the
> bank. They have it written so you'd lose anyway, but the amounts, however
> painful, are not nearly enough to pay a lawyer. (See excerpts from the
> California Commercial Code below.)
>
> So, with my CDL data in circulation, if I want to keep a checking account, I
> must change banks regularly. There are at least two fraud artists still
> using my ID.
>
> The banks DO check your CDL number as well as date of birth at the teller
> window. But there is no possible way to change any of my drivers license
> data. The California Department of Motor Vehicles (DMV) web site says to go
> to a local office to change your drivers license number. That just plain
> doesn't work. Many of the items on their ID Theft page simply do not work in
> actual practice. It *looks* pretty.
>
> http://caag.state.ca.us/identity.htm
>
> The DMV local says they'll replace your picture ID with one that has no
> picture while your request is being processed which may take
> months. Impossible! They also require a letter from the bank. But none of
> the Wells Fargo's "headsets" (customer service phone reps) or "robots"
> (branch employees) are able or willing to do that. They'll give you forms to
> fill out which are totally inadequate for this new kind of ID fraud. Bank
> customers are thus denied any access to the bank officers responsible and
> accountable for bank policy.
>
> Bankers have their political money well spent. With their
> credit cards, computers, headsets and robots, their ethics,
> "good faith" and accountability were abandoned long ago.
>
> Peter V Cornell <pcornell () nanospace com>
>
>  - - - -
>
> CALIFORNIA CODES COMMERCIAL CODE SECTION 4406 [excerpted]
>
>    (d) (2) The customer's unauthorized signature or alteration by the same
> wrongdoer on ANY OTHER ITEM paid in good faith by the bank if the payment
> was made before the bank received notice from the customer of the
> unauthorized signature or alteration and after the customer had been
> afforded a reasonable period of time, NOT EXCEEDING 30 DAYS, in which to
> examine the item or statement of account and notify the bank.
>
>     (e) If subdivision (d) applies and the CUSTOMER PROVES that the bank
> failed to exercise ORDINARY CARE in paying the item and that the failure
> contributed to loss, the loss is allocated between the customer precluded
> and the bank asserting the preclusion according to the extent to which the
> failure of the customer to comply with subdivision (c) and the failure of
> the bank to exercise ORDINARY CARE contributed to the loss.  IF THE CUSTOMER
> PROVES that the bank did not pay the item in good faith, the preclusion
> under subdivision (d) does not apply.
>
> CALIFORNIA CODES COMMERCIAL CODE SECTION 3103.
>    (a) (7) ORDINARY CARE "... in the case of a bank that takes an instrument
> for processing for collection or payment by automated means, reasonable
> commercial standards DO NOT REQUIRE THE BANK TO EXAMINE THE INSTRUMENT..."
>
> (To see the complete text of the above California Commercial Code Sections,
> go to http://www.leginfo.ca.gov/calaw.html Check the "Commercial Code" box,
> enter keyword "4401", then click search.)
>
> ------------------------------



For archives see: http://www.interesting-people.org/