• Money laundering and other crimes have been exacerbated by the COVID-19 pandemic, highlighting the need for more widespread use of identity verification and management technologies, government officials say. Credit: stevepb/Pixabay
     Money laundering and other crimes have been exacerbated by the COVID-19 pandemic, highlighting the need for more widespread use of identity verification and management technologies, government officials say. Credit: stevepb/Pixabay

Pandemic Accents Federal Need for Identification Tech

September 8, 2020
By George I. Seffers
E-mail About the Author

Fraudsters steal billions of dollars in COVID relief funds.

The COVID-19 pandemic has highlighted the federal government’s need for better identity verification and management tools, in part to ensure relief funds go to the people who need them.

Gay Gilbert, administrator, Office of Unemployment Insurance, Department of Labor, told the audience for the FedID Virtual Collaboration Event today that the department was hit with a pandemic-induced perfect storm. “For those of you who have been watching the news, probably you’ve noticed that the unemployment insurance program has become a key—a little bit of a hotbed, actually, with regard to COVID-19,” she said.

The Unemployment Insurance program went from about 200,000 claims per week to more than 6 million a week. “Actually, over the course of a few weeks, we had over 50 million people apply for unemployment insurance, which is huge.”

That deluge in requests for benefits coincided with the passing of the Coronavirus Aid, Relief, and Economic Security (CARES) Act. “Our whole UI [unemployment insurance] system has not slept since February. The unemployment insurance programs under the CARES Act really set up the perfect storm for issues around identity verifications,” she added.

The unemployment insurance program allows claims to be filed online, presenting the first opening for fraudulent filings, Gilbert reported. “The whole CARES Act presented this amazing magnet for fraudsters, honestly. One of the programs, the Pandemic Unemployment Assistance Program, is based on certification for most of the eligibility requirements. It also had a $600 payment on top of it, and also was retroactive, so the first payment could include as many as 10 weeks of benefits—so $20,000 or more in one payment. The fraudsters were all over that—great opportunity to get in there and see what they can get.”

Because the government cannot easily verify the identities of those making claims, a lot of COVID relief money has been lost. “We literally have billions of dollars at this point walking out the door under these programs due to identity theft and lack of our ability to deal with that verification. We are the case study,” Gilbert admitted.

She added that because she works with other departments and agencies, she knows others are facing the same challenges.

The federal unemployment insurance program and some states have “ventured into the territory of identity verification tools” but the tools need to be more widely adopted, she indicated. “Recently—unfortunately not before COVID but recently—we just offered up identity verification solutions through an integrity data hub through our [Payment] Integrity Center of Excellence,” Gilbert reported.

Teamwork will be required to successfully implement identity verification and management technologies. “The solutions that present themselves today are getting better, but they’re expensive. They aren’t necessarily efficient or easy to get at, so I think there’s a lot of work to be done to help the federal government and state governments to deal with this issue. It’s going to take a village,” Gilbert offered.  

Michael Mosier, deputy director and digital innovation officer, Financial Crimes Enforcement Network, echoed Gilbert’s comments. “We’re seeing around 5,000 account takeover reports each month, and that’s involving about $350 million,” he reported.

Such staggering numbers pose risks across the country. “With the billions of compromised credentials exposed online, there’s a very high likelihood that a lot of users in the U.S. financial system have had some sort of information about themselves compromised at some point,” Mosier explained.

The pandemic exacerbates the challenge. “With COVID-19, all of this has grown exponentially. Since February we’ve received more than 60,000 suspicious activity reports on COVID-related crime, whether that’s compromising identity specifically or other types of fraud. We’re seeing non-delivery scams, price gouging of medical supplies, imposter frauds, money mule activities, but then a significant amount of fraud against the government—fraud involving Medicare, unemployment insurance and economic impact payments,” Mosier said.

Money laundering also is a growing challenge. “There’s a lot of evolution in the threats we’re seeing on the financial intelligence side, so as the anti-money laundering regulator, we want to be encouraging a lot more development in the infrastructure and the information sharing as well as the standards development.”

The Financial Crimes Enforcement Network has responded by training law enforcement officials on “better use of our tools but also on issuing alerts and advisories on the risk indicators that we’re seeing,” Mosier added. The organization also is focusing on identity issues. For example, officials are exploring possibilities for enhancing advisories, working with industry and government to improve requirements for financial institutions, fostering innovation and possibly improving regulations.

The health sector also could use better identity management tools, according to Nicholas Uehlecke, advisor to the secretary, Department of Health and Human Services. Problems within healthcare involve Medicare fraud and the so-called Paul Smith problem, in which different people with the same name can be easily mistaken and provided the wrong type of care.

Uehlecke cited the need for digital credentials that individuals can carry without fear of compromise, such as the loss of a Social Security card. “The department has promulgated rules on interoperability over the course of the last several years, and we’re working toward a time now where the rules have been finalized. While delayed due to the COVID-19 emergency, we are in place where hopefully, going forward over the course of the next year, we will implement these new rules that will allow your identity to be a digital identity that carries with you, that can no longer be considered monetized by any institution,” he said.

Benji Hutchinson, vice president, NEC Corporation America, said the pandemic is accelerating trends in identity management, some of which started in the aftermath of the September 11, 2001, terrorist attacks. “We’re starting to see with the pandemic things are starting to shift and accelerate. Trends that were quickly underway have started to pick up speed and change in ways that I don’t think we even fully understand,” he offered.

Facial recognition, for example was already “having a moment” in recent years with an explosion in accuracy and performance. That will likely continue as people search for ways to verify identities without coming into physical contact with others. “What we’ve seen with COVID-19 is … more of a focus on hygiene and making sure there’s a contactless and touchless environment where people feel a lot more comfortable, especially when it comes to aviation or transportation or travel. What we’ve seen in the digital identity or identity space or biometrics space is a real shift toward computer vision, machine learning and artificial intelligence. These have really transformed the technology.”

David Bray, director, GeoTech Center, Atlantic Council, said the United States can learn from Canada’s identity management experience. “Canada’s racing ahead with identity management. It is worth looking at how Canada did their identity management successfully as an ally that we may be able to borrow lessons from,” he said.

But Canada also offers lessons learned the hard way on the need to protect identity data. “As they were successful with their identity management, unfortunately a few months later, that same stockpile of digital identity information was later compromised in a massive data breach. When we start storing identity management, do not be surprised when people start leaking that information,” Bray warned.


Enjoyed this article? SUBSCRIBE NOW to keep the content flowing.


Share Your Thoughts: