Interesting People mailing list archives
IP: Worth reading -- Re: Serious new CALIFORNIA Drivers License
From: David Farber <dave () farber net>
Date: Mon, 26 Mar 2001 06:17:46 -0500
X-Sender: jnoble () pop dgsys com Date: Mon, 26 Mar 2001 00:45:17 -0500 To: farber () cis upenn edu From: John Noble <jnoble () dgsys com> Subject: Re: IP: Serious new CALIFORNIA Drivers License ID RISK: [risks] Risks Digest 21.29 Dave: I'm a recovering bank lawyer who hasn't had a serious lapse in nearly ten years, but I find I can't help myself. The account of the fraud perpetrated with a forged drivers license and the supposed complicity of Wells Fargo and California law is misinformed and misinforms your subscribers. It has nothing to do with the real risks identified in the Risk Digest item he points to. Although drivers licenses are increasingly designed to be more difficult to duplicate than they used to be, you can forge anything with the right equipment. There is nothing new about that. People have been forging identification and cashing bad checks since they invented banks. Whatever the problem with the CA license, it is not obvious how it contributes to the fraud Mr. Cornell describes. The fact that the lic. no. and DOB is recorded on a magnetic strip instead of printed on the license only makes it that much harder to discover, and that much harder to duplicate. Mr. Cornell indicates that he wants one without a photo. How does that help? Cornell's photo-free driver's license is only going to prevent him from cashing checks. It isn't going to stop someone else with a forged license that does have a picture unless he can find a bank that requires DNA testing to cash a check. Mr. Cornell's description of the CA Commercial Code leaves out the good parts. An account may be debited if the item was "properly paid," i.e. "authorized" in fact. If the item was not authorized, the customer need only notify the bank within a reasonable time after receiving his statement to have the account re-credited -- the burden is on the bank to prove that the endorsement was genuine, which is impossible. Banks typically ask the customer to sign an affidavit; and they pull the video sequence of the transaction at the teller window to confirm that the customer did not cash the check himself (the unlikely exception to the impossibility of proving the endorsement was genuine). Mr. Cornell points to Code provisions that require the victim to "prove" that the bank failed to exercise "ordinary care." But the provision only applies to losses caused by the customer's failure to review his bank statment and report an unauthorized debit within a reasonable time. In effect the bank is strictly liable for unauthorized debits during the first 6-8 weeks on little more than the customer's insistence that they were unauthorized. But if the customer doesn't look at his statement and report the unauthorized transactions disclosed on the statement, the bank's liability is cut off and the customer is stuck with the additional losses. The reasons for this are obvious. Only the customer is in a position to know that the debit was unauthorized. If he doesn't look at his statements, and the same guy is cleaning him out month after month, whose fault is that? In addition, the law has to take into account the possibility that the customer is having his own checks cashed by a third party. If Cornell has scoured the internet without finding it mentioned, it is because it is relatively rare. This is a risky, complicated, inefficient and finally stupid way to steal money. Someone has to make the ID (holograms, magnetic strips encoded with the drivers lic. no. and DOB); then stand at the teller's window in front of a camera posing for the wanted poster. Moreover, when you cash a check that bounces, the bank doesn't wait until the end of the statement cycle to let you know about it. They send you a letter. You would need to ignore those letters, as well as your bank statement, to lose the tens of thousands of dollars Cornell reports. When the forger cashes a check for which the the bank isn't liable, 6-8 weeks after he cashed the first check, the forger needs to assume that the victim has ignored the letters and statement -- because otherwise he's busted. Anybody who has your bank account no. can far more easily create checks that carry your name and account number. He doesn't need your drivers lic. no., DOB, or soc. sec. no. for that. He just draws against your account on checks coded with your account no.; deposits them in a straw account; withdraws the funds and closes the account before your statement goes out; and moves on to another bank and another victim because he has to assume you reported the fraud. He can do all that without ever having his picture taken for either a fake drivers license or a wanted poster. He doesn't have to stand at the teller window in your bank wondering whether he's about to get busted because you reviewed your statement and reported the fraud, and his picture from the videotape has been circulated to the tellers and security personnel. He can move the money and close the account from the safety of his apartment using his computer. The moral of the story: review your bank statements -- it's part of the deal. John Noble
For archives see: http://www.interesting-people.org/
Current thread:
- IP: Worth reading -- Re: Serious new CALIFORNIA Drivers License David Farber (Mar 26)