One of the most intractable crime problems that has arisen in the twenty-first century concerns the criminal misuse of identity - popularly known as identity fraud or identity theft. Computer technologies have enabled documents used to verify an individual's identity to be altered or counterfeited with ease, leading to a problem which, in 2001-02, was estimated to cost $1.1 billion in Australia alone (Cuganesan & Lacey 2003). The higher education sector is not immune from risks of identity-related fraud and other kinds of dishonest practices, and, as this paper demonstrates, risks are present throughout the sector - from enrolment of students, through the examination process, upon qualification, and during subsequent employment. Reducing the risks associated with identification of students and staff alike entails the employment of a wide range of strategies that need to be implemented uniformly across the entire sector. This paper analyses the nature of the problem and how government, business and individuals can share in the task of preventing identity thieves from enrolling and graduating dishonestly.
In undergoing higher education, as well as in conducting many business transactions, people are required to establish who they are by providing evidence of unique identifying characteristics. It is usual to produce or disclose something that you have (tokens), something that you know (knowledge), something related to who you are (biometrics), or something indicating where you live (location). Of course there are others, such as the use of a person's name, and a variety of behavioural and psychological characteristics that can be used to identify people. Depending upon the degree of certainty with which one needs to establish one's identity, one or more of these methods may be relied upon. Often only one method will be used, and this will generally involve the disclosure of a document. Each has its own vulnerabilities and risks which are able to be exploited by those who want to act illegally.
In the past, identity was more easily verifiable as people conducted most of their transactions in person. With the advent of computers, however, documents can easily be fabricated and personal information obtained from electronic databases either by gaining access without authority, or by tricking unsuspecting users into disclosing their access codes and passwords. In higher education, examples of identity-related fraud and other dishonest practices exist in all aspects of the sector extending from enrolling as a student, undergoing examinations and submitting essays, commencing employment as a staff member, paying fees, receiving salaries, and using technology. There is a continuing need to identify both new students and staff with accuracy and the task for university administrators is considerable. In 2004, for example, 284,184 new students enrolled in Australian universities, 66,494 from overseas (Winchester & Lacey 2003: 194). In 2004, there were also 91,905 staff employed in Australian universities (Department of Education, Science and Training 2004). Evidence is needed of previous qualifications and/or eligibility to enrol for new students; previous employment and qualification details for new staff; as well as identification necessary for conducting business transactions including payment of fees and receiving payments such as salaries.
In Australia, a wide range of documents may be used to establish identity. Included amongst them are student identity cards, 358,700 of which were issued by higher educational institutions in 2002-03 - many with rudimentary forms of security against alteration or counterfeiting. One recent study found that of the 16 state and territory Offices of Births, Deaths and Marriages, and driver licence issuing agencies, 15 of these organisations accepted student identity cards and/or statements of results as proof of a person's identity for purposes such as building access, computer access, library usage, public concessions, and examinations. …