Questions on SINs Options

[Yerameyahu]

Even if they wouldn't rely on it, it could still easily be there. It all depends, and, in the end, doesn't matter much. Hell, you'd have lots of that info just on your Facebook in 2070, which would be public-access on your commlink.

[Doc Chase]

If it were my R4, I woulda got me a refund because it was obviously a hack job and they didn't deliver.

Enough people start screaming that their 'premium' fakes don't pass muster and you'll get a replacement.

Or a bullet, but that's the shadows for ya.

I'd rather see something speed up the opposed rolls to keep the action flowing. Drop a rating 6 SIN to buy a bus ticket, the rating 2 scanner's going to do its usual and see everything is in order. A 6 is going to have covered just about all the bases. A rating 4 scanner might require a roll. Say, the scanner or the SIN has a net of 2 or more above the other, no roll necessary as it's going to go to the higher quality product unless the team decides to 'modify' the outcome in their own way.

Barring that, why not make it the intuition of the schlub with the scanner and the rating versus a threshhold of the SIN's rating? It makes the 4/5/6 scanners well worth the money and time to put them together, and will make them last longer. You're also going to think a lot more about where to burn them. That takes the opposed roll out of the equation and makes it so the GM can just toss a roll, look at it and go yea or nay.

[Johnny B. Good]

I like that rule. I forgot to mention that we're also using a house rule of rating + edge against the reader. It's great for low rating readers but really doesn't help a whole lot against higher rating readers. Also it makes edge just that much more useful.

[Doc Chase]

I actually suspect it is /nothing/ except the number itself.
Cops, Corps, Shop Owners, Legal Brothels all have effectively real time access to all your information on their databases, and the public SiN database.

A loan officer at a bank, assuming you even see him in person, is going to send a request to your commlink for your SiN which it will respond with and then turn around access the Public SiN database to make sure you're not a criminal, and to make sure you are you, while at the sametime accessing their internal information on you.

You go to pay for something in a shop, using the ARO interface. You send your SiN, and the shop checks it against the public database, checks your biometrics, does a credit check, and then authorizes the sale.

Given how intergral to modern life the SiN is, there's no way anyone would accept the information stored on a $100 commlink, you picked up at radioshack that your average 12 year old could hack.

No matter the quality of the commlink, the encryption on the SIN module is the same.

And why would being a criminal matter? The loan officer is going to be more concerned about the method of repayment (and the Criminal flag on the SIN number itself is going to be an immediate indicator of yes or no). I'd think he's going to be much more interested in your credit and transaction history - especially the size and frequency of deposits into your account and by which institution.

A shop agent is not going to do a full background check so someone can buy a bag of chips. Stuffer shacks aren't going to deny sales to someone with a Criminal SIN. Their money is just as good as anyone else's.

You do not need a credit check for a straight funds transfer, and the commlink itself initiates the biometrics check the bank wants when the transfer is initiated. All the shop is going to do is check to see the transaction account increase.

Finally, if nobody would accept the information on that $100 commlink, then they would not sell them as that is where the SIN is stored. Joe Q Whitetrash running the Awesome Taco stand is not going to give a damn if you have a 'link you won from the claw game at the carnival - he just wants to see the numbers increase in his transaction account. If it does, there is absolutely no reason to check for a SIN.

[sabs]

No matter the quality of the commlink, the encryption on the SIN module is the same.

You're saying your hackers can't break a R5 encryption?

And why would being a criminal matter? The loan officer is going to be more concerned about the method of repayment (and the Criminal flag on the SIN number itself is going to be an immediate indicator of yes or no). I'd think he's going to be much more interested in your credit and transaction history - especially the size and frequency of deposits into your account and by which institution.

The loan officer isn't checking anything. The automated agents are doing all the checking, and they're following not only Corporate Rules and Procedures, but also Governmental ones where they apply.

A shop agent is not going to do a full background check so someone can buy a bag of chips. Stuffer shacks aren't going to deny sales to someone with a Criminal SIN. Their money is just as good as anyone else's.

Again, all this stuff is completely automated with rules and guidelines that Agents are using, flagging up, etc.

You do not need a credit check for a straight funds transfer, and the commlink itself initiates the biometrics check the bank wants when the transfer is initiated. All the shop is going to do is check to see the transaction account increase.

And file the appropriate sales taxes, enter your purchasing information into their database, as well as the other databases they are automatically updating as part of their multi-faceted marketing drive with the other stores in the Mall.

Finally, if nobody would accept the information on that $100 commlink, then they would not sell them as that is where the SIN is stored. Joe Q Whitetrash running the Awesome Taco stand is not going to give a damn if you have a 'link you won from the claw game at the carnival - he just wants to see the numbers increase in his transaction account. If it does, there is absolutely no reason to check for a SIN.

That depends entirely on how you pay at stuffer shack. If you use a cert credstick, he's not going to bother for your Id or SiN. If you use automatic payment deduction from your commlink ALL that info is automtically picked up by the 'Sales Specialist' agent running his point of sales.

If your SiN information was stored on your commlink, it would take literally less than an hour to create new SiN's for yourself. computer+decrypt threshhold of 5? computer+edit, computer+encrypt? How hard is that. Every hacker in the world would be walkign around with handfuls of fake SiN's at least of quality R3.

[Doc Chase]

If your SiN information was stored on your commlink, it would take literally less than an hour to create new SiN's for yourself. computer+decrypt threshhold of 5? computer+edit, computer+encrypt? How hard is that. Every hacker in the world would be walkign around with handfuls of fake SiN's at least of quality R3.

*facepalm*

Basics.

I'll say it again.

Basics

One more time, because it keeps getting missed.

Basics

Do you see it? Do you? I don't think you do.

What's the average number of hits someone's going to have on a computer+decrypt? Enough to break the 5 threshold? All right. Then they get:

The guy's name. Weight, height, age, birthdate. Issue country of SIN. Bank account info, dating profile, Facebook info because that is stored in the commlink, as stated by the BBB.

They don't have a magic portal into everything. I have never said they do. I have acknowledged that they don't. I am saying the commlink has some SIN data. Enough to qualify as quite likely a Rating 1. I have never said creating a SIN is not difficult. I contend that the syndicates who have the manpower to cover those bases both create and insert their own and convert stolen ones after cracking the biometrics servers or outright paying off someone on the inside. Hackers and other paranoid folks do walk around with a handful of R3 fakes because they need throwaways in case they get caught and being SINless in a secure zone is a death sentence. I have never said it is easy to make a fake and why you continue to insinuate it is completely beyond me. You do realize the threshold on creating a SIN is absurdly high, right?

[DireRadiant]

A SIN is your identity. It is not needed for financial transactions whatsoever.

Just because your SIN may include some information that can be verified on the spot does not preclude the fundamental third party verification process. This process exists today.

Get pulled over by a LEO and hand them your drivers license. They run it through the system to get additional data. That additional data was not stored on your ID. All those outstanding warrants and sundry other alerts the various law enforcement systems have associated to your ID only came up because of that third party check. On top of that, today, when that LEO runs the ID check, there are various level of checking. Do they run it through the regional association of states? Do they go with nation wide state systems? Do they use the federal systems? Do they use the special databases of particular types of offenders? And then there's the jurisdictions enter the data to begin with, and then the question of whether or not the data got shared or synced to other systems.

That's today. So what happens in SRuniverse?

Same process, except there even more different systems and they do not like to share. A UCAS query on an AZZIE SIN is just going to get back a comfirmation "Yes sir, that really is an Aztechnology SIN. Sorry, no personal data will be given to you on our lovely citizens for you to target them with, Buy Aztech Brand"

[Yerameyahu]

Sounds right.

[DireRadiant]

So you got some biometric data... Which system are you going to make the request through? There's thousands and you don;t have access to them all. If the system you have doesn't return the match for the SIN, all that might tell you is that the SIN isn't in that system.

If you got someone's SIN, and then took a biometric, and then ran the biometric check through that SIN database, and got a negative match, that would reveal a possible fake SIN.

[Acidsaliva]

I tend to use this house rule for my SIN checksSIN Verification

[Yerameyahu]

It's too bad it's so clunky. :/ Does it play well?

[Tymeaus Jalynsfe...]

I do not think this is a very accurate representation of how well SINS work. EVERYTHING requires SIN verification, from busses to guns to clubs. Many of these are equipped with SIN verification equipment. The way verifying a SIN works is the verifier rolls its rating against the rating of the SIN. So if you're going to ride a bus (R2 verifier) and you use your shiny new rating 4 SIN, the bus will roll two dice and you will roll four. It's very possible that that shiny new 8,000 nuyen sin will get burned on everyday activities.

I actually did burn my 8,000 Nuyen SIN right out of the gate, trying to tail a wageslave onto a goddamn bus. I got stopped by the bus driver, and the wageslave rode off while I stood outside and scowled.

That being said, I think this system is dumb. I like Doc Chase's system better (Maybe with a little modding to include dicerolls of some sort).

Just out of Curiosity... Why are you paying 8,000 Nuyen for a Rating 4 (?) SIN? (IMG:style_emoticons/default/wobble.gif)
These things only Cost Rating x 1000 Nuyen normally...

[Doc Chase]

Meh. I like the autofail/autosucceed rule, but it just means there's no point in having rating 1 or 2 scanners or ID's for anything.

[DireRadiant]

I do not think this is a very accurate representation of how well SINS work. EVERYTHING requires SIN verification, from busses to guns to clubs. Many of these are equipped with SIN verification equipment. The way verifying a SIN works is the verifier rolls its rating against the rating of the SIN. So if you're going to ride a bus (R2 verifier) and you use your shiny new rating 4 SIN, the bus will roll two dice and you will roll four. It's very possible that that shiny new 8,000 nuyen sin will get burned on everyday activities.

I actually did burn my 8,000 Nuyen SIN right out of the gate, trying to tail a wageslave onto a goddamn bus. I got stopped by the bus driver, and the wageslave rode off while I stood outside and scowled.

That being said, I think this system is dumb. I like Doc Chase's system better (Maybe with a little modding to include dicerolls of some sort).

Another question: What prevents the national SIN registry from finding/flagging entries with identical biometric data? Common sense tells me that they would have a system to prevent that.

Also, how much of YOUR biometric data would your average fake SIN include?

There is a significant difference between showing that you have a SIN and verifying the SIN all the time.

Public PAN areas are simply requiring that you "Clip you ID on your outer pocket so everyone can see you have one". They aren't verifying the SINS with a SIN check every time they see one.

[Doc Chase]

There is a significant difference between showing that you have a SIN verifying the SIN all the time.

Public PAN areas are simply requiring that you "Clip you ID on your outer pocket so everyone can see you have one". They aren't verifying the SINS with a SIN check every time they see one.

Indeed. Walking down the street and getting 14,000 SIN verification requests for the same number to the same server strikes me as a colossal waste of data.

[Mordinvan]

Jut reminds me of my favorite combination, sinner, and erased. That way even if you real sin turns into a criminal sin, it changes back again within 1 week, so far as every computer on the planet is concerned.

[Yerameyahu]

Erased is stupid-good, but the fact that it exists reminds us that the SIN system is hackable (by someone or something), and fallible.

[Whiskey]

Another question: What prevents the national SIN registry from finding/flagging entries with identical biometric data? Common sense tells me that they would have a system to prevent that.

Very simple... the massive amount of data available and trying to compare it all.

Easy way to think of it... I give you 1 million, one dollar bills and tell you two bills have the same number... but I'm not telling you what the number is. How long would it take you, by hand, to find that number?

That's just fingerprints for you. Now, extend that idea to other data. DNA, (here's an another SEPARATE stack for you to check, of 5's), Iris scans (here's a third stack... of 20's) Age (50's), Weight (quarters), race (dimes), eye color (nickles), hair color (pennies)...

And your one guy. Isn't it easier just to put one of each in an envelope and label it with a number, and give that reference number out so when someone askes you, you can pull it up, look in and say, "Oh, he's a 46 year old weighing around 230 with blue eyes and green hair."

Someone gives you one of each and say 'register this'. Into an envelope they go and you give out a new number, then go back to looking at those huge stacks and trying to figure out how to find the duplicates...

[Mordinvan]

Erased is stupid-good, but the fact that it exists reminds us that the SIN system is hackable (by someone or something), and fallible.

It is my favorite must have positive quality. Balance it off with sinner to pay for it, and it becomes even better.

[Yerameyahu]

Yeah, I feel like Erased automatically erases SINner, and that you therefore can't take SINner. (IMG:style_emoticons/default/smile.gif) But yeah.

[Mordinvan]

Yeah, I feel like Erased automatically erases SINner, and that you therefore can't take SINner. (IMG:style_emoticons/default/smile.gif) But yeah.

Erased only removes negative material on your sin, not the sin itself. Read the quality closer, its actually a must have.

[Whiskey]

I wonder if erased can be used like a kill switch on your SIN...

You no longer want a SIN at all. Ergo... Sin dies as it is erased. you would probably lose the erased quality too but who knows. Maybe there's a gremlin that actually LIKES you and has made it's life goal of keeping you sinless.

[Yerameyahu]

I always use the 10BP version, which erases everything (you want). But yes, I'm not saying what I described was RAW. It's just anti-abuse house rule, that's all. (IMG:style_emoticons/default/wink.gif) I agree that it's obviously the best quality there is (not including things like Mystic Adept), and I use it on my characters more than is reasonable.

The general rule is that qualities that don't hurt you don't give you BP, right? Or, they give you much less. You can see what I'm saying. (IMG:style_emoticons/default/smile.gif)
In addition, the fluff for Erased clearly says you have *no* SIN, which is a little contradictory for the 5BP/10BP distinction. It clearly says that you can have wanted data you need to function. What a mess. (IMG:style_emoticons/default/biggrin.gif)

[sabs]

Except that it's a computer program, that's running 24/7 that's doing the comparisons. Not some person.
Imagine this: They store DNA information alphanumerically somehow. Tell your Agent to sort all DNA alphabetically, then compare ones that are similar. It's not really that complicated. Right now I have a fairly simple program that does eurythmic checks for duplicates.
It checks:
name
serial number
mac address
ip address (ipv6 and ipv4)

looking for duplicates. It will even show you the items that are duplicate in /several ways/
All without an Agent or AI. Add the processing power and bandwith of Matrix 2.0, and finding duplicate SiN information in the database is pretty trivial. Now admitedly, you don't really need to worry about CAS and UCAS comparing notes with each other, or with Ares. But having duplicate biometrics or information in the same 'database' would certainly be an issue.

Also, given how publicly available your information is, I could see certain types of people having groups of agents and botnets doing id comparisons. If you're in the job of knowing secrets and people, it certainly is worth doing. Course, just because someone knows you have 3 id's across 3 sovereign groups, doesn't mean they're going to do anything about it. Except maybe blackmail you to do some runs.

[Five Eyes]

I've been thinking about exactly how often SIN gets checked recently. I'm a little unsatisfied with how unreliable fake SINs are, especially if actual checks are as common as "every time you make a purchase" or, god forbid, "every time you pass a cop."

I've got a few ideas for house rules for the SINs to make them more predictable for the runner (In general I work with players that recognize that if your fate's come down to an opposed die roll between nearly-equal pools, you've done something wrong), but I'm liking this thread as a source for what the SIN really entails in terms of information and how often it's checked.