In Part 1, we examined the simple methods used to create forged digital images, images sometimes used to steal identities or misrepresent financial and background information needed to assess customers or employees. In this post, we look at ways to help mitigate risk associated with acceptance of digital forgeries.
The big picture
There's no easy way to determine if a document image is authentic. Yes, there are specific pieces of information (i.e. seals and signatures) that help. But as we saw in Part 1, these are easily copied or tampered with. Still, it's unreasonable to expect organizations, both public and private, to stop accepting facsimiles or emailed scanned images.
Selecting anti-forgery controls is no different than selecting other controls. Deciding when and how to accept document images requires an assessment of risk and an understanding of how much risk company management is willing to accept. The controls must be reasonable and appropriate, providing the right amount of document assurance given business or customer requirements for transaction cycle time.
Defending against digital image forgery
The best defense against falsified digital images of documents is obvious. Don't accept them. For all critical document exchanges, use Federal Express, or some other physical transmission method. This provides original documents as well as controlled transport and delivery. Again, for some business processes, both public and private, requiring originals might not be practical. So here are additional guidelines:
- Use certificates to authenticate the document or its sender. Certificates can be used to sign or encrypt images. This is fine for business-to-business transactions, but most SOHO users either don't have the resources or the skills to purchase and implement a CA provided certificate. Self-created certificates might work, but the work involved with initial identity verification and ongoing management of self-created certificates puts these beyond the realm of reasonable and appropriate for organizations with high document traffic volume.
- Use watermarks. Watermarks are a good way to ensure photos and images of documents are not altered. Using technology similar to steganography, authentication information can be inserted and encrypted in the image. When the recipient wants to authenticate it, he or she uses a shared password to reverse the process. Again, this might be fine for a limited number of transaction partners. However, the improbability of effective key and password management increases rapidly with the number of senders. And this process works OK for email images, but faxed images tend to lose enough quality to frequently cause this approach to fail.
- Use a lab to inspect each document received to ensure absence of forgeries. Good process, bad financial decision.
- Implement processes to verify certain key information elements on various types of documents. This might be as simple as calling a phone number contained in the image or using an online service to verify an address, DOB, or other information as it appears on the document. Also, personnel processing these document images should be familiar with the appearance of authentic copies. They should at least be able to spot a poorly constructed forgery.
The final word
Digital image forgery is easy—easier than implementing detection solutions or training employees to identify fakes. Like anything else associated with security, common sense must prevail. Determine the risk of accepting digital documents and do the right thing.
Tom is a security researcher for the InfoSec Institute and an IT professional with over 30 years of experience. He has written three books, Just Enough Security, Microsoft Virtualization, and Enterprise Security: A Practitioner's Guide (to be published in Q1/2013). Before joining the private sector, he served 10 years in the United States Army Military Police with four years as a military police investigator. He has an MBA and CISSP certification. He is also an online instructor for the University of Phoenix.