Hmm, so what we've really been doing it trying to codify a system for when a GM will decide a check is really necessary in the first place? OK, I think I can deal with that.

Still need a way (at some price) to get a false ID that has a better than 50% chance of not getting you killed when you try to walk into a high security area (infiltrating a corporate research facility for example.)

I understand not being able to get into a Z-zone with a fake ID, but then I'd put their security at a 7-8. Seriously, the current scale doesn't allow for enough of a security gap between stuffer shack and MCTs most secure research lab. It should be outright impossible for the former to even touch an ID that has the slightest chance of working at the latter.

Actually Rathmun, the odds are even worse. With ties going to the scanner, a Rating 6 SIN has a 17.6% chance of failure against a Rating 1 scanner. Which puts your odds of it still being good after 7 pizzas at just over 25% (it drops below 50% on the 4th one). After a second week of pizzas, you're looking at less than a 7% chance that your 6,000 (IMG:style_emoticons/default/nuyen.gif) SIN hasn't already been flagged.

For other ratings of SIN/License vs Scanners, the full run-down of the odds looks like this:

Also, since other people expressed interest in seeing the numbers for the suggestion of using the SIN as a threshold for the scanner (having it roll twice its rating), those come out as follows:


Edit: Fixed some issues with putting together fake tables here.

Further edit: both tables use SIN rating as the horizontal axis and scanner rating as the vertical.

You know, I think I am ammused by the monster I have created, because somehow (I am not going to speculate as to why) the idea of ordering pizza seems to Grok for most of the people reading this thread, and brings home just how gritty the RAW realy are.

By the way, thanks for the math!

Simple question I have for you all. What makes you think an ID is burned simply because it fails a verification process? Even using RAW it does not say failure equals burned. I would say it might matter where it fails more than the fact it failed. If a GM wanted to check every time a character rolled into the Stuffer Shack they could, and even the rating 6 SIN COULD fail. Worst case scenario, the EXCEPTIONALLY WELL TRAINED and HIGHLY ETHICAL clerk refuses the sale or the auto-vendor just won't accept the payment transfer. I really don't see that as being burned. Now having your ID snooped by Lone Star because they caught you casing a building wearing an armored jacket in July at noon could result in bad times if the ID check fails. Even then, the ID might not be "burned" for every day use. That ID would simply become a known alias for the Star. Plus, in the era of competing law enforcement corporations I doubt Weapons World is sharing customer data with Lone Star.
As a GM I did recognized the need for the Iron Clad ID, so I made one up for my campaign. The ID comes in ratings 3 - 6 at double the cost. They can only be procured through specific contacts that are a part of the organization that create them. The benefit they have is that the player using them can re roll the failures once per test.
(IMG:style_emoticons/default/nuyen.gif) (IMG:style_emoticons/default/nuyen.gif) (IMG:style_emoticons/default/nuyen.gif)

It's like this. You show up in Yakutsk Russia with a US passport and a valid visa. Being the crazy paranoid Russians they take AFIS like electronic fingerprints, then let you in because you have a seemingly valid US passport and a visa and your fingerprints don't show anything odd.

Two months later you show up in Saint Petersburg with a British passport (on a different name) and a valid visa. Being the crazy paranoid Russians they take AFIS like electronic fingerprints. The passport looks fine, the visa is fine, but the AFIS database show you as having been in Yakutsk two months ago on a US passport with a different name, and several gentlemen from FSB want to have a long talk with you.

It sure does hurt, though, when one of these babies gets burned... But they are worth every penny...

Instead of doing the math, I used a spreadsheet. Using the equations =TRUNC(RAND()*6)+1 to duplicate a simple die roll, I set up 6 cells for the fake ID and 3 cells for the scanner. Then, I had a cell count the number of hits for the ID and for the scanner. I have a column to determine successes (ID hits > scanner hits), another to determine ties, and a third to determine failures (ID hits < scanner hits). I copied this row of equations into 10,000 rows. I then averaged each column into a percentage. I typed the percentage, then hit enter, which recalculates the whole sheet. I did this ten times, and averaged the typed percentages, which means my total sample size is about 100,000.

Here is what I came up with (+/- about 1%):

ID succeeds: 63%
Ties: 23%
ID fails: 14%

I tried the same thing with a Rating 1 scanner (only 1 cell for a simulated single die).

ID succeeds: 83%
Ties: 14%
ID fails: 3%

Against mid-level scanners, my 6,000 nuyen ID will fail 14% of the time, and of the hundreds of scans made by Rating 1 scanners throughout the week (or on a busy day) I will fail 3 of the scans.

I like the idea that the ID rating is a threshold, which also automatically incorporates the idea that an ID always wins against a lower rated scan. I like the whole espionage feel that fake IDs bring, but burning through 5,000 nuyen with any kind of frequency is not something I see starting runners being able to do. If a Rating 6 ID is supposed to be worth the time and money, I want to see a better something lower than a 14% failure rate.

That's when the follow up verification test comes in, whatever the test happens to be.

But if you want to make Fake SINS the players have paid a lot of nuyen for not work in your game, that's your game.

When I ask for SIN checks I take into the account the odds of the test succeeding or failing for each time the check is asked for. Frankly I am not going to ask for a SIN check more then once a session if at all. I don't ask players to make Logic + Hardware test every time they walk through the door, or an Athletics Test to walk and chew gum at the same time. That's what cyberjaws are for. And ordering pizza is part of lifestyle costs, however it works, it doesn't need a SIN check, unless it's directly related to a run.

I guess it boils down to table preference if you're not going for the gritty RAW. It also sounds like most people have some kinf of system in place for dealing with this at home, though the majority boil down to not worrying about it too much. I happen to thing the "ignore it" option loses a little too much of the flavor of being a runner, but a comment I saw in another thread about escapism has merrit: we're here to have fun.
My personal feeling, though, is that the more "real" the world "feels", the more deeply I can submerge into it and successfully escape from my own day-to-day grind. Like cryptography, identity fraud is a constant running and escalating battle between security and those looking to circumvent it. If the current trends hold, identity fraus should still be ahead of the cops in 2070. Having to "be" a different person any given day with this character is an interesting challenge, deeply exploring the whole "I don't care WHO you think you are, that's not what the COMPUTER says" aspect of life in 2070 where regular people tend to "trust the Computer" more than their own senses.

The fluff talks about identity and SIN checks ubiquity. It also talks about Matrix ubiquity. There are also lots of vehicles and guns. There are mechanics for all of those items too.

Use the mechanics as appropriate to reinforce your imagination and level of immersion.

If you want to make people roll SIN checks more often to reinforce the importance of computer identity and authentication, then do so. Adjust the odds or subsequent test to make it easier or harder to pass the verification. This is built into the game. It's the GM who sets thresholds and how often a test is needed. You can do this without breaking the RAW. Automated SIN check fails, then set a threshold 1 test for the PC to "fool" the system and move on.

The mechanics don't create atmosphere and mood, the GM and players do. In fact, the more often you roll dice, the less dramatic and immersive a game can be.

Oddly I don't seem to be able to find price and availability for SIN verification systems.

The point I might try to make if I could find such information is that checking a SIN is not free. The whole system most cost an enormous amount and presumably everyone involved tries to recoup this cost by charging for access to their databases. The higher the systems Rating the more databases it must access and the greater the operating costs.

One might easily rule that immediate purchases made with certified cred would rarely if ever involve a SIN check. The vendor will most certainly read your SIN and relevant licence's but they won't pay money for the opportunity to lose a sale.

Purchases that involve giving credit might be an entirely different story but verification systems might only be sufficient to cover the short period the institution holds the debt before bundling it up and selling it on to someone better able to absorb the risk.

I've been thinking about this a lot lately with regard Matrix security. It is relatively straight forward to build systems that are virtually impenetrable given sufficient resources. There is guidance with regard how to scale system security but it pretty much boils down to 'eye-ball it'.

I suppose I'm getting a bit nostalgic having just re-read some of my favourite 1st Ed Scenarios. The system maps in Queen Euphoria caused me to break out in a big toothy grin and all that Red-4, Orange-3 stuff gave me a warm gooey feeling inside.

I think what I would like to see in SR4 is a Nuyen value placed on different Professional Ratings to allow a GM to build security systems that accurately portray the level of opposition PC's ought to expect.

If you look at the Tir Ghost Lieutenant template you should be able to back-trace what sort of system would be a realistic challenge for Professional Rating 6. Cost that out and use it as a basis for assigning a Nuyen figure for such a security level.

There is a reason why people pay smugglers a lot of money to avoid people who want to run a biometric ID on them at the ports of entry.

Ooo Biometric ID, I forgot about that.

If I understand correctly most of such Biometrics rely on data points, a fingerprint for example is mapped by a number of points that are unique to that particular print.

I'm wondering if it is possible to take multiple data-sets from the same print which are unique to that print but that don't overlap?

This would allow one to have multiple prints in different repositories without immediately setting off alarms.

An excellent point. But then there is the problem that it's a long stretch to role play something when you can't back it up. If I role play that I have experience with shooting sniper rifles, I had better have some skill on the paper, or there's no "order" to the chaos. Same with IDs. I think a lot of people have been trying to come up with a way to stick to the "ubiquitous" nature of checks without the ugly RAW getting in the way. All the alternative answers boil down to trying to make things consistent. Inconsistency is the bane of good immersion. "Why did the GM make me roll for my ID at the Stuffer Shack^TM this time, but not last time?!" That sort of thing. A constant "hand wave" from the GM "cheapens" the idea of false IDs. The RAW are gritty to the point of insanity. But knowing your GM will accept your Level 4 ID as good enough for everything up to and including a traffic stop (except for dramatic emphasis used in moderation) will also let you role play apropriately. If you KNEW your ID would pop invalid 50% of the time on a traffic stop, wouldn't that make your character sweat, further enhancing the officer's "probable cause"? That's what I have been trying to get at. Maybe I finally articulated it right this time.

In a word, no.
The systems are programmed to identify certain features. No matter whose scanner it is, it looks for the same markings because that is how it used to be done by hand before scanners and automated checks. If the points are different, it's not the same print. It basically boils down to "relative position of changes of direction of swirls and whirls to each other".

When presented in this way I classify it more of a problem in how the SIN check event is presented during the course of the game rather then something inherent with the SIN check mechanic itself. When I ask my player to make a SIN check when ordering pizza, do they feel it's because I'm about to introduce a cool scene involving the runners being tracked down via their Soy Pizza account, or do they feel I'm randomly screwing them over? (My players know I never randomly screw them over, I do it according to my nefarious plans.) This is one type of event that is purely in the hands of the GM and players to sort out whether or not it works for them.

However, the point about when to expect that a Rating 4 SIN should work versus when a Rating 1 is fine is certainly a bit more cloudy and could probably do with some setting of expectations. For example, I'd tell players that a Rating 4 SIN works fine walking around in AAA security areas almost always, and has a better then 50% percent chance of working when crossing standard security borders. A Rating 1 is going to struggle in a AAA neighborhood if it gets tested, but if you travel through and don't bring attention to yourself it's good, because in AAA it's important that you actually have one. But all of this doesn't need more mechanics. I simply want to promote that having a Fake SIN of any rating is needed to travel everywhere. I want all players to think having that Rating 1 SIN is useful and worth the nuyen. Having the Rating 1 SIN simply fail every time you actually us it is just counter productive. So I don't make them do SIN checks while doing "normal" life. If they go into AAA with a R1 Fake SIN and draw attention to themselves they expect the fake SIN to be useless afterwards.

Biometrics refers to methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. ...Biometrics is used as a form of identity access management and access control. It is also used to identify individuals in groups that are under surveillance.

Biometric characteristics can be divided in two main classes:

• Physiological are related to the shape of the body. Examples include, but are not limited to fingerprint, face recognition, DNA, hand and palm geometry, iris recognition, which has largely replaced retina, and odor/scent.
• Behavioral are related to the behavior of a person. Examples include, but are not limited to typing rhythm, gait, and voice.

-Wikipedia for the quick reference.

About fingerprints. The basis of the traditional fingerprinting technique is simple. The skin on the palmar surface of the hands and feet forms ridges, so-called papillary ridges, in patterns that are unique to each individual and which do not change over time. Even identical twins (who share their DNA) do not have identical fingerprints.

The most popular ten-print classification systems include the Roscher system, the Vucetich system, and the Henry Classification System. Of these systems, the Roscher system was developed in Germany and implemented in both Germany and Japan, the Vucetich system was developed in Argentina and implemented throughout South America, and the Henry system was developed in India and implemented in most English-speaking countries.

The FBI manages a fingerprint identification system and database called IAFIS, which currently holds the fingerprints and criminal records of over fifty-one million criminal record subjects, and over 1.5 million civil (non-criminal) fingerprint records. U.S. Visit currently holds a repository of over 50 million persons, primarily in the form of two-finger records (by 2008, U.S. Visit is transforming to a system recording FBI-standard tenprint records).

Most American law enforcement agencies use Wavelet Scalar Quantization (WSQ), a wavelet-based system for efficient storage of compressed fingerprint images at 500 pixels per inch (ppi). WSQ was developed by the FBI, the Los Alamos National Lab, and the National Institute for Standards and Technology (NIST). For fingerprints recorded at 1000 ppi spatial resolution, law enforcement (including the FBI) uses JPEG 2000 instead of WSQ.


There are points Vucetih and the Henry Classification systems that do not overlap. However as the question is about a ten card it would also mean that you would also receive a lot of false positives from latent prints as your finger prints are missing key unique identifying points. Key unique identifying points are points which make you unique from your neighbour.

I have to say biometrics was the new sexy word of 2001 post 9/11. At the moment it is disunited and not very useful, since facial recognition software is not as advanced as it could be. It really depends on how accurate biometrics are, which measurements they use and how pervasive they are in each location.


I am GMing in Washington D.C. of the sixth world, which is not only the political capitol of the world, but safe because of draconian security measures. They are using the same systems in hand-held form as UCAS Customs and Immigration are. Why? Because a car bomb going off in D.C would place the UCAS economy into free fall.

Exactly. Expectations. You're being even more generous that I was prepared to see, but you're still honoring the idea. You give them an idea "Level 4 should be fine in AAA as long as you don't start shooting" is great, because it tells them where the lines more-or-less are. That's something you can reliably role play around. Doesn't NEED to be a big table (unless you really want it to be).

I sometimes had the players roll SIN checks in the past for making purchases, but mostly the only time I have them roll them now is when they are interacting with government in some way: traffic stops (and they were REALLY sweating that one, because there was a dead body in the RV's fridge!), losing a street battle and being picked up by the cops, getting past border patrol, etc.

Since it is no fun to incarcerate PCs in the middle of a campaign, I have had some fun with getting them out of those situations. I am running in Atlanta, CAS, where the APD is extremely corrupt. The worse the crime they are charged with, the more (IMG:style_emoticons/default/nuyen.gif) (IMG:style_emoticons/default/nuyen.gif) (IMG:style_emoticons/default/nuyen.gif) it costs to get them out. My players, despite getting handsome paydays around 100k (IMG:style_emoticons/default/nuyen.gif) each, are constantly broke. They fear the police mostly due to their impact on the bottom line!

I have also considered a prison break type mission, where some members are incarcerated, and the others have to figure out how to break them out, if they get busted again. I don't know why my players are having so much trouble staying out of legal trouble, but it sure is fun for me!

Bullshit. One out of 7 times, your Rating 6 SIN will fail against a Rating 3 verification system.

One out of 35 times, your Rating 6 SIN will fail against a Rating one verification system.

A Rating 6 Fake, which is 'as good as real', will be flagged as a fake & rendered useless in a month of every-day activities with RAW (according to the fluff, your ID is checked every time you purchase something, regardless of what or from where; Rating 1 verification systems are what are usually used to determine if you even have a SIN, such as at Stuffer Shack).

If you are forcing your PC's to roll for EVERYTHING, then Sure... it will have issues... but the Maximum that a rating 3 verification system can generate is 3 hits (at most, though generally it will Average 1 Hit), With an average of 2 hits for the Rating 6 SIN... ON AVERAGE, your rating 6 SIN will WIN vs the Rating 3 Verification... Will it fail occassionally? Sure, but generally as a "Tie" rather than a Failure outright, which just means more intensive verification procedures will commence...

The question you should ask Muspellsheimr, is whether you can live with the averages, or do you want more intensive results... as a lot of people have indicated, they prefer that the higher rating SINS should have some reliability to them...

Not necessarily arguing here, but I too prefer some baselines of reliability, and some indication of when even Rating 1 SINs would generally succeed vs. Failing, as Dire Radiant and Kerenshara have indicated... If you are forced to validate EVERY time you do anything, then SINs become generally useless...

Tymeaus Jalynsfein & Muspellsheimr, I think there is a slight disconnect between what you two are saying.

Tymeaus Jalynsfein, as I understand it, you are pointing out that the dice would fail frequently if the dice rolls were made, but they shouldn't be made every day. In fact, if there is in game down time, NO dice will be rolled for any ID checks, because the players won't be involved with the down time. The game won't be played during the down time. So, even the best IDs will fail once in a while, but only during those potentially dramatic moments when the GM decides the ID check could potentially fail. Chances are, it won't fail, and if it does, it is that one fluke that causes some havoc in an otherwise smooth plan of operations, and in the shadows, how often does "smooth plan" actually pan out?

Muspellsheimr, I think I was seeing it from your point of view. If the top IDs have a 3% chance of failing the most basic check, how does it pass through daily usage. In light of what Tymeaus Jalynsfein is saying, we should not look at the single moments chance of failure as a regular occurance. The ID passes perfectly, until in metagame, the GM decides a chance of havoc might increase the fun or drama of the situation. The one instance of failure (if it happens) does not indicate a recurring trend, but rather a single instance decided by the GM for the sake of plot complications.

I prefer to keep the reliability of the ID consistent during active play and during imagined downtime. If my ID works well enough that I can skate by through the shopping mall during daily living, I also want to do the same while grabbing some burgers on the way to a stakeout. If the GM wants to complicate that, I don't want it to be because my solid ID is compromised by a low level scan. Given the Availability and the Cost of high level fake IDs, I expect more out of them, and I want the game rules to more consistent through out the in game experience, whether it is down time or active play.