Guys,

I have an honest question about something that is IMHO very poorly explained in the rules at best and at worst is actually contrary to both common sense and real life practice.

Specifically, what happens if you want to change/alter/hide your identity? Obviously you start by arranging to change your appearence (including magical signature if appropriate) and by burning any connection to your past life. You also (carefully) need to get a new (false) SIN.

That much seems clear, but here's the tricky part.

Technically by the rules, even the best false Identity money can buy will quickly become useless since each attempt at verification allows a chance (no matter how small) that the transaction will fail.

While this makes sense for the first few transactions, that seems contrary to everything I know and have read about washing your identity or (for that matter) with regard to identity theft. From what I have read you want to make as many "easy" transactions as possible with your new identity....including making retnal purchases, liscenses, shopping, bank accounts, etc etc.

The reason for that is because the longer you "live" in your new identity, the more real it becomes because you have real, valid, and verifiable data that makes the identity more genuine. AFAIK this is Identity-Theft 101. This includes paying Taxes btw on your new identity.

How is this represented in the rule set? If it isn't represented in the rules, how should it be? It seems to me that if you start with a good solid fake SIN (say rating 8 which should be enough to fool even the branch office of a bank), it should be reasonable easy to make the rating increase with time as more and more valid transactions are made on it.

Thoughts?

-Polaris

As far as I know, the higher the rating of a fake SIN, the more data trails (IE transactions) that are already written into the ID. What makes fake SINs so difficult to make are all the little connections and purchases incorporated into it. This results in the higher rated SIN passing more checks because of the little details.

Nod to above. Theres really two thoughts occuring here.
1) that every use has a chance to fail
2) that every successful use doesnt increase the rating
Theres a few things you could do to help solves those.

First, the situation you describe sounds, to me, more like using a lower rating SIN which would theoretically become better in grained over time. Thus, you would have to implement some sort of "experience system" that allowed a SIN to improve after passing enough checks. Its very plausible that as you use a lower level SIN it gradually builds up the kind of transactions that verify it, and thats a good substitute for simply paying nuyen to have them start on the SIN (which is what buying a higher rated one represents).

The other is that every use has a chance to fail. In order to counter this youd have to come up with some kind of "grading scale" which determined which checks were how hard, perhaps in conjunction with ratings. The difficulty would be with the overlap of those two. Ideally a SIN would automatically pass checks that were trivial to its rating, and while the chances get close to that the small chance for fail does remain.

Perhaps in conjunction a SIN (say rating 4) would pass some checks for a few months, checks of a "graded scale" near its level. Thus it would "gain experience" and become rating 5. Now it can auto pass the checks it just completed, and if it passes enough higher ones the process will repeat. As long as the SIN doesnt fail it allows the user to bypass trivial checks, and if it holds under scruitiny the increasing data trail makes it even more rock solid.

Now, thats all in theory. Its my idea on how to do what you asked. Im not saying that its good or bad, or that it needs to be in place, its just my take on answering a question. Hope it helps.

You could alway make a house rule that for every X amount of time the rating of teh credstick could increase by 1 point.

As for what X is, that depends on how quickly you think the rating would become better, it could be based on the rating itself.

E.g. After every <current faked credstick rating> months of use the credstick increases by 1 point. So a rating 1 credstick will become a rating 2 after only a month of use (but it is risky using it for that 1 month) but increasing a rating 6 credstick takes 6 months.

or

E.g. After every <current faked credstick rating x current faked credstick rating> months of use the credstick increases by 1 point. So a rating 1 credstick will become a rating 2 after only a month of use (but it is risky using it for that 1 month) but increasing a rating 6 credstick takes 36 months, or 3 years.

I would favour the latter (i.e. current rating, squared) as it still keeps it difficult to get a really high rating forged credstick.

E.g. To take a rating 4 credstick to rating 8 would take 126 months or 10 and a half years! (4*4 + 5*5 + 6*6 + 7*7 = 16 + 25 +36 +49). Whereas taking a rating 1 credstick to rating 4 takes only 14 months (1*1 + 2*2 + 3*3 = 1 + 4 + 9) as after a year of use you've probably more than doubled the amount of corroborating data that was put into that original rating 1.

The White Dwarf,

Yes, this is exactly what I was looking for....a some solid ideas to throw past the GM....because the rule-set is grossly inadequate IMHO. I will quote you and respond to specific points.

DigitalMage,

I think that a straight rating-squared in months is far too steep, especially if you take active measures to "live" in your new identity. That said, I do think that it ought to be quadratic in the rating, but I also think some checks should become automatic, i.e. a rating 12 false SIN should always beat a rating 2 verifier at the corner Stouffer Shack with no roll required.

Might I suggest rating-squared in weeks rather than months. I say that because I happen to know (having worked at one time for NSA) that it is not that hard to establish a false identity this way if you have something to start with (i.e. an SSN or Birth Certificate).

If you started say with a rating 4 false ID, it would take 16 weeks to raise it to five which seems reasonable, especially when you consider that using an ID that is less than 6 is taking your life into your hands (even routine transactions with a rating 4 ID have an unreasonably high failure rate even on a rating 3 verifier). If you started with a rating 8 false ID (which I consider the minimum for any kind of safety), then it would take 64 weeks to improve it....or just more than a fiscal year which makes a lot of sense for a lot of reasons (taxes anyone?)

Just a few of my thoughts. Keep the ideas coming though; I appreciate it.

-Polaris

A scale in weeks might be fine for living on an ID, while months might work better for a runner who only uses a fake ID when needed. I mean if you tie rent and taxes and insurance etc through your ID it will see more use and go up faster, but then if it fails it seems to me like a larger amount of drek would hit the fan. Theres got to be some relative time factor as well, if you commonly do one run a month in your campaign, waiting a few games to have your ID go up might be ok. But if you do a run every week, even 2 months will seem like forever. A balance between campaign time / real time, and also taking into account whats being used in the ID needs to be done; which is complex and a possible reason why its not in the rules as written.

Back to the auto-pass idea, I was originally thinking of something along the lines of "a credstick automatically passes scanners equal or less than half its rating". I was trying to figure out some kind of statistical cutoff when the "chance of failure" starts to turn into the "when I roll all ones". Just from mental math it seems that a rating 6 ID versus a rating 3 scanner is very unlikley to fail (avg 4 successes to 50/50 shot of one, even out to two standard deviations I think that will hold but like I said thats a fast mental check).

Ideally youd have to come up with a value (in percent) when the fail chance becomes insignificant for you, then match that to relative rating values. You would also need a "cap" of some kind, a level at which you cant auto-pass. Both of these are going to be different depending on play styles making it difficult to come up with a hard and fast rule that will fit everyone; which is probably why it doesnt exist in the rules as written. Rather they let it stand to play out on the dice, figuring that on the whole the "autopass" and "cap" will occur in most cases just because its so hard to roll a pass or fail with some IDs on some scanners.

Just a few more thoughts on the idea.

White Dwarf,

Thanks. Keep those ideas coming. In particular, I like the idea of having an "Autosuccess" when the verifier is less than or equal to half the rating of the false ID, but given the rules as they are written, I would add a caveat:

Only False SINs/Credsticks with a rating of 6 or more can have automatic successes. That is because when your rating goes below six, the chance of failure even with an inferior verfier goes up dramatically. This is an inherent flaw in the SR d6 system. In particular, a rating 1 false identity can never succeed. At best it will query the user (tie). That is why only a fool buys a false ID that is less than rating 6.

As for a cap for autosuccess, I would say that rating 8 verification is fair. That is the verification at most major banks, and would require a 16(!!) rating in your false ID to get an autosuccess. Going from a rating 8 false ID to rating 16 would take more than a decade....even using rating squared in weeks. I would think that any verification that is more than eight involves acutal gumshoe work of the sort that the goverment does for Top Secret security clearances and the like. Those take a long time but are very hard to fool. There should always be a chance to fail such intensive verification procedures IMHO.

As for time, I think that if you have a phony ID that is rating 6-8, you should expect to see it improve about every 2-4 game sessions with higher ratings taking geometrically more time. What that is would be up to the GM since no official rule seems to exist.

As a pet peeve, some sort of official rule should exist for this type of washing of identities since it is a tried, true, and proven method of generating phony IDs (much better than trying to insert one via the Matrix). The major drawback, of course, is that it is time consuming.

-Polaris

Check out the Sprawl Survival Guide's edges and flaws for SINs. One of them, called "Aging Well", does what you're wanting.

But keep in mind that while you're laying down new data on the SIN, you're also having some of the older (and some of the most critical) data be erased as it's found to be erroneous by internal error checking, restoration from backup, etc. Sure there's an indication that you bought a stereo from the mini mall three years ago, but what happens when the store does an inventory and realizes that they never sold that stereo? They probably just chalk it up to clerical error and invalidate the transaction in the system. Criminal activity is much more stringently tracked, as well.

When you go to Stuffer Shack, whatever the rules are saying, the system WILL NOT check for a small stupid routine transaction where you were born, your driver license, your insurance affiliation, your tax records, your NSA, Interpol, FBI and other security agencies records. They don't even check your corporate files etc.

They check only if your bank agrees to the transaction. Point.

So there isn't any point to roll dice for basic stuff. Basic stuff should thus be considered automatic.

Now if you want to book some entrance in a very private club/restaurant, etc or you want to go through customs or any security check etc. you should definitely roll dice; furthermore in a stressful situation.
It will teach you not to be stingy on important stuff.

I had players who had so important and numerous ennemies, that in the end they routinely changed every 3 months: city/country they lived in, face, hair, eye colour, fingerprints, voice, skin colour (sometimes), aesthetic implants for the body to slightly change shape and of course ID, but not the fake ones.

(Also, to be more "bland", one of them always went for the top ten esthetics surgery faces of the month from Yamatetsu or Aztechnology. )

If you really want no problem with ID, you need to make REAL ones... So it means you need to know some people/corporations/governments and be really good friends and also never say no whenever they need you.

Whatever solution short of the real thing, you can never feel 100% safe.

I've always had the character's ids checked when opening the account--not when buying a donut. The higher accounts require a commiserate increase in security; so opening an Ebony account would pose some problems with a common idenity.

In the GURPS system, your fake ID actually degrades over time, due to the massive integration of the systems. The redundancy and error checking has been built into the system because the corps got sick of getting screwed by identity thiefs. So, a credit check doesn't just check with a credit agency, it checks with the IRS, your bank, the DMV, because all that info and more is actually contained on your credstick. And those agencies check with other agencies. And there's smart frames going through the systems checking inquiries against travel visa's and tax forms and magazine subscriptions and birth cirtificates.
The higher rated SINs are higher rated because more of the blanks of a 20 year life have been filled in. But, eventually, someone is going to hit a big blank. Especially with a made up ID. With a stolen ID, there's at least a real, complete history. But, those won't last for long for the same reasons. If a guy in Seattle buys a burger at Stuffer shack while he's in Atlanta on business, the system WILL catch it. Probably not right then, but it'll set off alarms, and get added to some 'bots list of things to check out.
So, your ID won't really fail because it failed right then, it fails because you set off an alarm three weeks ago, and Renraku Financial Smartframe #294 just finished searching and flagged your fake SIN.
To simulate this, make the characters do a normal test the first time they cross a boarder or do anything bigger than a stuffer shack run with it, and if it passes, give them a week of use before there's anymore checks. At least for any checks less than their credstick rating. After that, go back to checking every time. Because the noise will build up, and eventually, it will fail because the guys who made the system are smart and they keep getting smarter.

You might also want to check out this link from the Graveyard column on the Shadowrun Archive:

http://archive.dumpshock.com/Graveyard/Sho...3?page=sins.htm

It's by no means canon, but it is quite interesting. I particularly like the idea of a maintenance fee to keep the fake ID useable.

RiceBowl,

To my knowledge there are no rules for making REAL SINs. However, I do know that if you use (and get away with) a false identity long enough, it becomes so real that the difference is moot. There are other tricks to identity theft, but I happen to know that in real life the longer you use a false Identity without it being blown, the better it gets.

-Polaris

Bearclaw,

I am familiar with GURPS, and that rule (that ids degrade) assumes that the phony ID and paperwork is static. Actually, come to think of it, the SR rules assume the same thing even if they don't explicitly say so. Let me explain what I mean by "static":

If you get a phony Driver's Liscense or fake passport, then eventually someone will find out that it is fake because of small mistakes/oversights in making the forgery. The same applies to counterfeit money...no matter how well the bill is counterfeited, eventually someone is going to notice. That is because ultimately the information and identification itself is a forgery and thus does not evolve with the databases that support it.

What I am talking about is a dynamic false identity. In this case you start with the forged original document and then use that to get the authorities in question to issue you genuine papers in your new name. This is by far the best and most tried-and-true method of stealing and falsifying identities. If you do this correctly, you only use the original (and risky) forged documents once or twice and then use the genuine documents issued to you to get more documents and thus reinfoce your identities. They call false Identities "dead babies" for a reason since the most common scheme is to use a forged Driver's Liscense to get a certified copy of a birth certificate of a baby that died. Once you have a birth certificate, you can get any document you want.

Thus if you have taken the trouble (and nuyen) to make your false SIN a dynamic one, then it should improve with time as more and more data is fed into the identity.....and the chance of detection otherwise should decrease. Of course as the identity gets better, it starts to get the same disadvantages of a genuine SIN as well.....

-Polaris

Sounds to me like you want to introduce a new ruleset for "Dynamic SINS":

They would operate the same as normal fake SINs, only they start at rating 6 and up. This is because the effort needed to get one (using real papers etc) doesnt result in an ID of lesser quality than rating 6. Also, it would probably take additional time and cost, because of the need for said (real papers etc) in the setup process.

Such a "Dynamic SIN" will automatically pass any checks equal to half its rating or less. It will also increase in rating every [rating x rating] weeks of "successful use". If a "Dynamic SIN" ever fails an opposed test it can no longer increase in rating, as it has been flagged anomolyous by the system. However, depending on how the situation roleplays out it may still be useable at its current rating.

A "Dynamic SIN" cannot ever automatically pass a check against an opposed scanner of rating 8 or more. Such scanners are thurough enough that no matter how good the fake is, there is some chance of detecting an anomaly.

Hows that sound? In addition to the above, you might consider saying they are *only* available at a starting rating of 6. I mean each one is getting based off pretty much the same documentation right? It would make sense that such papers equate one ratings value. It would also prevent this from getting out of hand with super high IDs getting even higher, and from starting off with auto passing high checks. It would force the player to take some risk up front (rating 6 versus for the chance of greater payoff later on. This would also add some element of paranoia about failing an early check... I mean if it starts at 8 or 10 its not likley to fail ever so its like giving them free bonuses with the passing and upgrading. Keeping the initial rating a bit lower would force them to hope it goes undiscovered long enough to change into the rock solid ID it has the potentail to be, and fits with what you described.

WhiteDwarf,

Actually this is an excellent idea you have there. How about this in addition to it:

Dynamic Credsticks are only available at ratings 6 to 8. The need for real paperwork makes a rating less than six impossible, while the inherent risk in getting real permits and other paperwork makes anything above a rating 8 problematic.

Dyanamic Credsticks cost the same base price as a normal false Credstick, but the user must pay 10% of the base price per month to establish the proper identity trails This extra cost must be paid for one calendar year or until the SIN is discovered to be anamalous whichever comes first. In addition, the credstick has an availability of +2 over a normal credstick and takes twice as long to deliver (it takes time to establish a real data trail).

If that seems insufficient, then cut the cost to 5% per month for a year and increase the base price by 50%.

How's that? I perfer the first method since actually starting a dynamic false SIN need not be more difficult (and in some cases can be easier) than starting a normal, static one. It is the continual use and cash flow through it that makes it dynamic after all.

Thoughts?

-Polaris

Polaris: I need new ID in real life. Got any contacts?

Fortune,

I could tell you but because of an agreement I signed with the US Goverment when I left the military, I would then have to kill you

Seriously, though, anyone that has worked in intelligence can tell you that Identity Theft is easy....and the internet has actually made it easier (and since the matrix in SR is much like the internet today, the same should apply).

-Polaris

That sounds pretty good. The use of numbers and percents together there left me a bit confused as to which costs you mean exactly, but one concern is getting the players to say what all they put on this thing to 'run up a tab' on their ID so to speak. Many might not want to specify everything, or even think of it. A flat rate to represent that area sounds fine. Its the same approach lifestyles take, no one wants to get bogged down figuring out if they paid rent and utilities when they need to go grab an exec being held hostage in a secret corporate lab. An appropriate flat fee every month should be perfect.

Also, not knocking what you did but just want to point out this effect: If you limit the ratings to a 6-8 range, youre effectivly saying you can only auto pass rating 1-3 scanners, or rating 1-4 scanners. Soon as you hit a rating 5 scanner youre back to having a chance of failing. Good, bad, whatever, that is the effect you get with the ratings limits. We dont even use IDs enough in our games that I have a firm grasp on how often rating 5+ comes into play. So I hope that falls into the "reasonable it might fail" area of your thinking.

Lastly, I doubt this will get implemented for us. Like I said, IDs dont come up too often for us, we tend to make use of contacts and such to bypass most ID needs. For us SR is slanted a bit more to the "who you know" than the "do it yourself" in terms of getting access to legal things illegally. That said if you try it and it works, Id be interested to know, as I sorta just took a look at what you were thinking and tossed down some figures that should work in game. Kinda curious how my guess pans out.

WhiteDwarf,

Yes, I think that initially at least (during the most risky time of a new ID), banks and government institutions are the most likely to foil it....which is rating 5+ verification which seems reasonable to me....at least at first. Also if you start with an 8 rating, you are likely to fool even the branch office of a bank (rating 6-8 ) verification and normally that is as tough as you will ever see. Certainly a rating 4-5 verifier will be blown away which is as it should be IMHO.

-Polaris

There's also the ID edge "Dead Man's Shoes" suggested in the SSG.

Now, technically this is a fake SIN ... but in many ways it's as real - and thus as solid - as any regular SIN out there. Someone was born, registered, did all the usual things which cross-registered along all the various datawebs to a degree most faked-from-scratch SINs won't ever be able to duplicate.

If the death was for whatever reason not registered, if the body won't ever be retrieved (several ways to accomplish that!), if the person already held one of those independent jobs which didn't absorb into one of the megacorporations, if all the person's various interactions have been tracked down ... then all that would really be needed is a reasonable physical resemblance and a decker worm replacing fixed data (DNA, fingerprints) across the board.

Don't even bother changing the name. As of now, that's you.

An even better variant can be worked out in a long-term game, especially for elves, by tracking down SINs of babies who died shortly after birth, deleting the death certificate (if any), and systematically building an identity around that child over the years.

My understanding is that this used to be pretty trivial to do in the US. You found some baby who died, then go the the place of birth and ask for a birth certificate. Then use that birth certificate to get a driver's license, etc. One of the main hurdles was apparently a Social Security card, but they were not 'required' during this time period (~1960s).

The main problem with 'dead mans shoes' would seem to involve things like your high school year book (hope you can write like the dead man, and know what the dead man did in high school, ... and college, etc)

Here's the thing, Polaris. Some of the data on a credstick won't be dynamic; basic stuff, like date of birth, schools attended, DNA and so on, will be pretty static. Luckily enough, most ID verifications won't delve quite that deeply.

While I don't like the thought of autosuccesses, I do agree that it seems wonked that a rating-12 fake SIN can be blown at the Stuffer Shack. However, someone on the old forums pointed out that the rating-2 readers they had would give whacked readings 1 out of every 36 times they were used. In all likelihood, what would happen is the same thing as if your credit card threw a weird reading: "It said what? Oh, it does that all the time. Just wait a sec and run it again." As a GM, I'd allow a totally new roll at that point; only if the reader somehow managed to tag your ID 3-4 times in a row would I consider having it blown. (Sometimes, police do get lucky, after all. And if you're dumb enough to run it like that 3-4 times in a row, then you deserve what you get.)

Granted, I don't usually roll ID checks at the Stuffer Shack; I only roll them when it's important to the story. But if I ever need to add that extra bit of tension to the story, I'd prefer to be able to do so, instead of adding autosuccesses.