An undercover investigator was able to use counterfeit documents and the Social Security number (SSN) of a man who died in 1965 to obtain a U.S. passport, according to a letter from the Government Accountability Office (GAO)to Senators Jon Kyl (R-AZ) and Diane Feinstein (D-CA).
This incident, which the GAO described as the "most egregious," was one of four times in March 2009 that passports were given out to applicants using fraudulent documents.
In the case of the passport obtained using the SSN number of a man who died in 1965, the Department of State, which runs the 18 centers or offices that issue passports nationwide, said the passport was issued because there was no automated check against Social Security Administration (SSA) death records.
The State Department told the GAO that it has revoked the four fraudulently obtained passports and has purchased a subscription to the Death Master File, which includes weekly updates of deaths from the SSA. The four passport specialists that issued the passports have been suspended pending additional training while the passport acceptance facilities that accepted the fraudulent passports can no longer do so until they receive further antifraud training.
There are 9,000 such facilities across the country, usually located in a U.S. Postal Service location or courthouse, where passport acceptance agents verify that the identification document matches the person in front of them as well as send an applicant's proof of citizenship and passport application to the State Department.
GAO criticism of the passport fraud risk is not new.
In 2005, the GAO reported that using stolen identities and documentation is the primary way for a criminal to get a U.S. passport. Typically, passport fraud is linked to other crimes, the report said.The report also identified poor information-sharing between the State Department and other government agencies. For instance, the GAO said that the information the State Department receives from the SSA was "limited and outdated" and that the State Department did not have access to SSA's death records, despite a 2004 information-sharing memorandum between the two agencies that has yet to be implemented.
Two years later, the GAO also identified weaknesses at passport acceptance facilities. The report said that the State Department needed to establish a formal oversight program and make sure acceptance agents were better trained.
The GAO concluded that "more needed to be done because of the critical role acceptance agents play in establishing the identity of passport applicants, which is critical to preventing the issuance of genuine passports to criminals or terrorists as a result of a receipt of a fraudulent application."
In response to the latest vulnerabilities discovered in March, the GAO offered five "corrective actions" to the State Department: 1) improve the ability of passport acceptance facilities to detect fraud, especially counterfeit documents; 2) bar passport specialists from issuing a passport for an application that includes a SSN until it's checked against the SSN database and the Death Master File; 3) explore commercial options for real-time checks of SSNs and other information in applications; 4) conduct covert tests of passport specialists and passport acceptance agents similar to the GAO's; and 5) work with "state-level officials" to gain access to the necessary state databases.
The State Department agreed with the GAO's recommendations and indicated some were implemented or in the process of implementation, such as using commercial databases for verifying identities.
Nevertheless, the GAO questions the State Department's commitment to implementing its corrective actions.
"State indicates in its comments that in October 2008, it 'implemented technology that requires any application with a death match to be removed from regular processing and submitted to the fraud manager for additional review,'"the report said. "However, we received a genuine U.S. passport using the SSN of a deceased individual in December 2008—at least a month after State claimed to have implemented the control that was designed to stop this type of passport fraud."