Fake SIN + Commlink, How do you treat it. Options

[Slymoon]

Unfortunately search terms under 3 letters long doesn't work, so it is tough to search SIN.


When purchasing a fake SIN, how does it come? On a chip?
Do you receive it as a download to your commlink? Can you house multiple fake SINs on a single commlink? or to be safe do you make it a package deal Fake SIN + Additional Commlink Setup.

A player noted that it would behoove the Fake SIN provider to make sure that it was provided on a relatively secure medium, less chance of anything getting back to the provider. ie: an at least middle grade commlink + decent Firewall. I can't fault his thought, but do you really want to get your hardware preloaded with a Fake SIN and OS from a hacker... backdoors away.

I can see the benefit as well as the problem with having more than 1 Fake SIN on a commlinkm hackers haven.
I can also see the benefit as well as the problem to having multiple Fake SINs each on its own commlinnk; money sink.

[Crusher Bob]

Why does the provider have to worry about stuff getting back to them? An anon email account sends you the SIN number, name, and whatever fake history is behind it. It's not the actual number that is that important, it's the data in the collection of worldwide databases. When a cop asks you for your SIN, you give him the fake number, he looks it up online and gets a bunch of pictures, fingerprints, etc that look like you, so the SIN must be yours, right?

So you can house multiple fake SINs on the same commlink and just choose which one to give out when someone (or some agent, or whatever) asks you for your SIN. Of course, someone hacking your commlink might discover your collection of fake sins, but then again, maybe not. It's probably also possible to simply remember your several fake SINs, and manually input whoever you wanted to be into your commlink.

[b1ffov3rfl0w]

The SIN is a number, really -- that's what the "N" stands for. The "S" is for the system that the number is stored in. A fake SIN is "present" on numerous secure (well, mostly secure) databases, which is why you can't just make your own. You pay to have that information, and to have the biometric data massaged to resemble your own. It's not a thing like a car or a krill burger or a gun; it's data stored in various places. The rating corrseponds to how those data hold up to scrutiny.

[Cthulhudreams]

A 'Fake SIN' is just a data package, with names, backgrounds, telling you what the description and fake biometrics if any are, etc, that has hooks into one or more valid SIN issuers databases which could be whoever (Ares, UCAS, or indeed an expired corporation (a favorite choice as it is totally impossible to validate most of the history and many, many people are in the same boat so its not even remotely suspicious)).

When someone gives you a fake SIN they have any number of options, including copying it onto some cufflinks and sending you a present, leaving it in a matrix dead drop and telling you where to get it, sending it via a data call, whatever.

Using two SINs on one commlink is completely retarded as the cops know at a glance that A) one is fake and B) that they should get right on arresting the shit out of you for fraud.

Changing SINs in a public place is also retarded, as some system might notice, and that gets you arrested. Its risky to change in a mall (even in the toliets) because they may (if they are looking, which is by no means a given) notice that Jane Citizen went in, but Joe citizen came out.

[Riley37]

So if a cop or any other person running a SIN check sends a confirmation request, and gets back info matching the person with the SIN... then that means that the database has the biometrics of the subject. Which implies that if you get a fake Evo sin, *your* biometrics go into both Evo and SIN registry databases. Which means that if Evo ever gets your biometric data any other way, and spend the resources on cross-checking databases, then they'd be able to connect the two instances of matching biometric data.

Which means don't ever get a fake Aztechnology SIN, and if you're a troll or orc, don't get a Renraku or MCT SIN, unless you happen to trust those particular corps with your biometrics.

[Cthulhudreams]

Yeah, this is the thing that people where banging on about in the other thread. I have it work like this:

Corps and governments will not ever, ever under any circumstances let anyone run a broad based check against their SIN-base (So all EVO SINs are held on an EVO master server somewhere). The only thing people outside of EVO's top security people are allowed to do is give a set of biometrics, and a SIN, and you can see if they match to authenticate. But thats no good if you want to match the DNA you found on the crime scene to someone, which is intentional. Ares' don't give a toss if Evo cannot find out who assassinate the CEO/blew up the research plant/whatever. They don't want Evo to know either and want to make it as difficult as possible to find out.

They will let you scan their databases of criminal SINs though no problem however, especially anyone they have a warrant out for.

Your statement seems to imply that there is a single repository of SINs somewhere. I don't think this actually has to be the case (though nothing says its not) as all these people are seperate nations, they like nations today probably keep that information themselves, and let other people check against it.

The justification for me is that they are so paranoid, is that the request might be for something else - say Ares extracted a Renraku scientist, Renraku might run a DNA scan for the guy so they can find his new ID so they can steal them back. Or it maybe they are preparing to run a ritual team against the DNA sample and want more info. You never know. So they don't let anyone find out.

[b1ffov3rfl0w]

There's not a single repository, and more importantly the data are shared across different repositories, which is why it's hard for one hacker to fake it -- changes have to be made everywhere before they're cross-checked and spotted, or something like that.

[hobgoblin]

bingo, one database may have entries like this:

SIN: 1234567890
first name: joe
last name: wageslave
date of birth: 01-01-2034

while another have something like this:

SIN: 1234567890
fingerprint hash: AAB3FF2746

and a third:

SIN: 1234567890
bank balance: 10000 ares scrip

and so, when joe goes to get a soycaf off the office vending machine he press his finger at the sensor, send over his SIN number and the machine checks database two for verification of print hash, and then deduct the amount of scrip needed from database tree.

[deek]

Yeah, I echo most of the comments above. Corps guard their databases, so you are not getting a free ride cross-referencing their data.

SINs are out there all over the place. What makes the SIN work are the details. I've had players hack an NPC's comm and grab a ton of their information. They then overwrote the comm data with a bunch of crap and started broadcasting the NPC's information. Now, none of the biometric data would match, but depending on where it was being used, you might not need much. As it wouldn't be that hard to purchase everyday goods using that SIN as long as you had funds (which would likely be re-routed out of your own accounts) to pay for them.

But, if the two were together and got scanned, it would be too hard to tell who the SIN really belonged to.

[Nightwalker450]

Changing SINs in a public place is also retarded, as some system might notice, and that gets you arrested. Its risky to change in a mall (even in the toliets) because they may (if they are looking, which is by no means a given) notice that Jane Citizen went in, but Joe citizen came out.

Actually changing SIN's in a public place is the best place to do it. The more crowded the better, just switch your commlink to hidden, swap your SIN's, and then switch it to public again after a few minutes. Changing it in a back alley where noone is there is the worst place to change it, because then there's not the crowd of people to wonder which one it is. Just the single guy standing there.

As long as you aren't in a place where it is incredible illeagle to be operating in hidden mode. But even then with an easy con check, you can just tell the person who stopped you that you were getting really irritated by the pop-up ads. Flip your commlink back to public and there are no problems. I've directed teammates to do this before. Left a junk commlink in one room broadcasting his Fake SIN (with spoofed cameras), so he could operate in another part of the building without anyone knowing he as there. Then when we were done I shut down his junk commlink and as soon as a guard stopped him for not broadcasting, he just had to flip his commlink out of hidden mode, and apologize to the guard. He's fairly computer illiterate for a character, so him accidently switching it into hidden wasn't much of a stretch for him in the con check (IMG:style_emoticons/default/biggrin.gif)

[BRodda]

Actually changing SIN's in a public place is the best place to do it. The more crowded the better, just switch your commlink to hidden, swap your SIN's, and then switch it to public again after a few minutes. Changing it in a back alley where noone is there is the worst place to change it, because then there's not the crowd of people to wonder which one it is. Just the single guy standing there.

Uhmm... Thats a good way to get yourself busted. Unless you have a new comlink number to go with it. I've had characters busted because they considered a cheap (nonrun) comlink as disposable and had a few fake SINs in it. Turns out the system gets interested when comlink #345r34f ownership changes from Bob Johnson to John Smith. Freaking Sec team was able to ferret out 3 of my fake SINs that way.
"We know that his com number is #345r34f. Tracking data shows that number has been used by these 3 SINs in the last 48 hours. Flag them all as fake and send out an alert next time the comm number shows up."

Needless to say from then on I had a one SIN per comlink limit from then on in.

[DireRadiant]

So if a cop or any other person running a SIN check sends a confirmation request, and gets back info matching the person with the SIN... then that means that the database has the biometrics of the subject. Which implies that if you get a fake Evo sin, *your* biometrics go into both Evo and SIN registry databases. Which means that if Evo ever gets your biometric data any other way, and spend the resources on cross-checking databases, then they'd be able to connect the two instances of matching biometric data.

Which means don't ever get a fake Aztechnology SIN, and if you're a troll or orc, don't get a Renraku or MCT SIN, unless you happen to trust those particular corps with your biometrics.

Depends on the records and how it's done. Both the data available and process can yield vastly different results

Consider a system with biometric data and multiple SINS for a Runner X.
Assumption 1 - SIN is a unique single value, it will either match or not.
Assumption 2 - Biometric data is inherently fuzzy, you can get degrees of matching.

SIN 1 + Runner X Biometric
SIN 2 + Runner X Biometric
SIN 3 + Runner X Biometric
SIN 4 + Runner X Biometric

If you send the system SIN 1 + Runner X Biometric and ask it if it matches, it will say "Yes"
If you send the system SIN 2 + Runner X Biometric and ask it if it matches, it will say "Yes"
If you send the system SIN 3 + Runner X Biometric and ask it if it matches, it will say "Yes"
If you send the system SIN 4 + Runner X Biometric and ask it if it matches, it will say "Yes"

If you send the system Runner X Biometric and ask for a match, you will get at least one. At this point it would depend on the protocol, it could easily offer a selection of SIN to choose from, or offer the "best" match, or the top 3 matches. (Note in the RAW the advice of an additional dice check for SIN verification that is a result of this type of scenario. Also look at situations where you are asked to provide corroborating identifying information in your day to day activities. It happens every time I go to my doctor, they ask for an additional piece of data from me to verify they are billing/pulling medical records of the right person. They need more then the exact match on the data I initially provided.)

There's plenty more variations that easily allow for a "dumb" remote query to allow a fake SIN to pass, and it would take a significant effort and data analysis for the fake SINS to be detected and removed. Keep in mind that there are always legitimate positive matches of biometric data between different individuals which always creates room for fuzziness in matching routines.

Think of a simple SIN checker as a box with an idiot light that goes red or green, and the more sophisticated SIN validators providing a higher level of detailed analysis.

When dealing with billions of people and non unique matching values it's not so simple to get exact results for matching.

[Nightwalker450]

Uhmm... Thats a good way to get yourself busted. Unless you have a new comlink number to go with it. I've had characters busted because they considered a cheap (nonrun) comlink as disposable and had a few fake SINs in it. Turns out the system gets interested when comlink #345r34f ownership changes from Bob Johnson to John Smith. Freaking Sec team was able to ferret out 3 of my fake SINs that way.
"We know that his com number is #345r34f. Tracking data shows that number has been used by these 3 SINs in the last 48 hours. Flag them all as fake and send out an alert next time the comm number shows up."

Needless to say from then on I had a one SIN per comlink limit from then on in.

I believe its a complex action software check to change your commlinks ID. Threshold 2 if I remember correctly. Commlinks change ID's easier than runners.

[BRodda]

I believe its a complex action software check to change your commlinks ID. Threshold 2 if I remember correctly. Commlinks change ID's easier than runners.

The problem I had was that I kept the same number because I was expecting a call from a contact. My ex-ganger never changed the number because he was afraid people wouldn't be able to contact him. My GM was nice, because it is the type of screwup that a newbie runner would make and it wasn't egregious. I lost 2 lvl1 SINs and a lvl 2 SIN.

Honestly I don't know to many players who remember to do that, unless of course the GM forgets that means the EVERY contact and player has every Com Code for each fake SIN.

[Nightwalker450]

Pass contacts through a randomizer node, not only does this make your number nearly impossible to track. All you have to do is goto the randomizer and put in a change of number for it to route your calls to. One change, not all your contacts. I'd also assume you could have multiple numbers on the randomizer, so any call will be sent out to all of those mailboxes.

Maybe I've just done alot more fluff reading and rules reading of the matrix, but changing ids and connections are really simple in 2070.

[MaxHunter]

nice approach Nwalker. It really pays off when one starts thinking and makes the whole game world much more consistent.

Cheers!

Max

[Earlydawn]

I subscribe to the logic that a SIN number is just an authority-issued number (I hesitate to use the word "government") that holds your government identity. Everything else is just attached by secondary authorities. The bank account attached to your SIN has absolutely nothing to do with whomever your issuing authority is. I would actually think that the more that you attach to a SIN, the more veracity you attach to it. It obviously presents the risk that if you bust on your SIN, you lose your cash.. but what runner keeps money in a real bank anyway?

[hobgoblin]

earlydawn, bingo (IMG:style_emoticons/default/wink.gif)

on that note, im starting to suspect that every service provider in SR keeps a record of its customers for a indefinite time. for one, storage is cheap, and one can always make a extra buck by selling the data to a datamining company.

so expect your kindergarten to keep a record of your years there, along with the record of your parents SINs and so on.

also, the changing id by keeping accessid stuff, change it to but route all calls vis 1 or more forwarding services, services that dont care if you change the accessid ever so often (IMG:style_emoticons/default/wink.gif)

[BRodda]

Pass contacts through a randomizer node, not only does this make your number nearly impossible to track. All you have to do is goto the randomizer and put in a change of number for it to route your calls to. One change, not all your contacts. I'd also assume you could have multiple numbers on the randomizer, so any call will be sent out to all of those mailboxes.

Maybe I've just done alot more fluff reading and rules reading of the matrix, but changing ids and connections are really simple in 2070.

*sigh*
I guess my problem is that that is how deckers and "professional" shadowrunners do it. My ex-ganger phys adept has a hard time doing math, preferred to have his fixer handle is money for him "For safekeeping. People rob banks, no one robs Uncle Tony. Besides do you want some hacker stealing all your cash?", and can't figure out how to turn the AR spam filter off on his commlink.

If it had a clock, it would be blinking 12:00.

So while all these tips and tricks are great for deckers and maybe some Sams, where is the line between meta-gaming and they way professionals operate?

[Nightwalker450]

*sigh*
I guess my problem is that that is how deckers and "professional" shadowrunners do it. My ex-ganger phys adept has a hard time doing math, preferred to have his fixer handle is money for him "For safekeeping. People rob banks, no one robs Uncle Tony. Besides do you want some hacker stealing all your cash?", and can't figure out how to turn the AR spam filter off on his commlink.

If it had a clock, it would be blinking 12:00.

So while all these tips and tricks are great for deckers and maybe some Sams, where is the line between meta-gaming and they way professionals operate?

Its pretty much survival. If you can't figure out ways to cover your trail, especially since most of what I've said are available through shadow services. You could probably get a hacker to write you a simple program to change your identities on your commlink easily. If you can't figure out ways to do this, whether doing it yourself or trusting someone else to do it, how can you expect to live long? Why do gangers only mess with other gangers, because the other gangers have very little chance of one upping them. If you mess with a corp you need to be on top of your game or you're a short lived runner.

You'd be suprised how much you can actually trust your hacker with. Most hackers would gladly help you provide security on your commlink, because if you get caught you're likely to bring the whole team down with you. All it takes is one commlink with bad security and they are in your groups communications, either listening or filling it with static so you can't even communicate. In 2070, if your a runner its expected that you know the ins and outs of your own commlink. Only a hacker needs to know the ins and outs of everyone elses.

[hobgoblin]

so have the hacker deal with the comlink like the fixer/face deal with the cash (IMG:style_emoticons/default/wink.gif)

[BRodda]

Its pretty much survival. If you can't figure out ways to cover your trail, especially since most of what I've said are available through shadow services. You could probably get a hacker to write you a simple program to change your identities on your commlink easily. If you can't figure out ways to do this, whether doing it yourself or trusting someone else to do it, how can you expect to live long? Why do gangers only mess with other gangers, because the other gangers have very little chance of one upping them. If you mess with a corp you need to be on top of your game or you're a short lived runner.

Like I've said before, not a whole lot of reason to go into a high security area where you need a comlink. He dealt with the security aspect buy hiding and living very deep in the Barrens. He was great at dealing with gangs and people in the Crime Mall, but he had a nightmare of a time going shopping for a nice dress for his mother (and this was in the Ork Underground).
I guess its more of a thematic issue and RPing. He let the face do his thing when it was time to talk in the civilized areas, but he was the face in the street.
As for dealing with the corps, there are TONS of ways to deal with that on the low tech. My ganger carried a squeeze bottle of bleach on every run to nail bloodstains with, primarily wore flats and gloves on runs, made sure we shaved almost all the body-hair he could off before a run and scrubbed loose all the loose skin, never cared anything on a run that he had a personal attachment too (even the gun he carried was discarded after every un if he had to use it. He was a throw adept and tended to use cards).

he did have one commlink he ONLY used for runs and the rigger configured that for him every run. And there one only 1 SIN on that and it was flimsy as hell.

You'd be suprised how much you can actually trust your hacker with. Most hackers would gladly help you provide security on your commlink, because if you get caught you're likely to bring the whole team down with you. All it takes is one commlink with bad security and they are in your groups communications, either listening or filling it with static so you can't even communicate. In 2070, if your a runner its expected that you know the ins and outs of your own commlink. Only a hacker needs to know the ins and outs of everyone elses.

I guess we never really cared that much about our commlinks. We just had a good firewall on them and used them sparingly on runs. Are people much more reliant on them in their games?

[Heath Robinson]

[/snip]

With all the extractions one would expect that multiple SINs would be a relatively common occurence; don't want your old employer to track you down by watching people accessing their database, nor get you into trouble by criminalising your SIN.

[MaxHunter]

There are tons of useful things you can do with a mesh of commlinks and a couple hackers!!

I have a group of players who are scanning / datasearching / hacking cameras and relaying info and positions all the time. A Matrix integrated group has a huge tactical advantage in the field, especially in Corporate Enclaves like this one campaign is. Of course, the team works for the government, so needn't worry much about erasing their tracks and all... (for now)

Cheers!

Max

[hobgoblin]

yep, working for the big dog has its benefits. gits:sac keeps coming to mind as an example. most likely as its tech presentation is very contemporary, and kind of SR4-like if one think of the implant comlink as a cyberbrain (IMG:style_emoticons/default/wink.gif)

i guess the best bit is when they borrow a echelon sat to track every phone call in japan in real time, looking for a guy (IMG:style_emoticons/default/biggrin.gif)