The Case For Never Expiring ID

In the latest Lee Child novel Better Off Dead, Jack Reacher checks in to a hotel in a remote town in Texas, enroute Alabama. The room is booked in his name and prepaid by the bad guys whose nuke he’s ferrying from a hic town on the Mexican border in Arizona.

When the lady at the reception asks for his ID, Reacher offers his passport. She returns it to him, saying it’s expired.

While conceding that he cannot travel abroad with it, Reacher argues that an expired passport should still work as ID – after all, he hasn’t changed into someone else just because the passport has expired. Pointing to her computer, he tells her:

“Go online if you don’t believe me. Check with the federal government.”

Which is obviously a bluff but, as always, Reacher has worked out the odds in advance.

She didn’t believe me. I guess she was weighing the consequences of proving me wrong. The paperwork involved in issuing a refund. Explaining to her bosses why she’d turned away a customer. The impact on occupancy statistics.

And, as always, it produces the desired result:

She paused with one hand hovering above the keyboard. “No need Mr. Reacher. I’m sure you’re right”.

If only everyone who takes our IDs pauses with their hand hovering above the keyboard.


Back in the day, when you showed your ID to a human agent, they had a cursory look at it, and flagged you through. It hardly mattered whether your artefact was current or not.

But, nowadays, they don’t. People wonder why – like the Quora user who asked me to answer the following question:

How come nobody accepts an expired government issued ID for anything including identifying you? It’s not like we change into someone else after it expires.

If they did accept, it would be convenient, won’t it? We wouldn’t need to stand in long lines at government agency offices trying to renew our passport, drivers license or whatever, every five to ten years. (I once made The Case For A Passport With Lifetime Validity.)

But they don’t.

That’s because, in today’s digital world, ID verification is rarely a totally human decision.

The way it works now, a human operator takes your ID artefact, enters some details from it into a computer system (or swipes it in a reader or scans it under an infrared device), clicks the mouse or taps a button, and, after a second or three, the system comes back with verified / unverified decision, based on which the human waves you through or stops you from proceeding.

These software systems are constantly optimized for storage space, bandwidth, response time, etc. It’s a standard operating procedure to drop records pertaining to expired artefacts from the database. By the time you present your expired ID, the corresponding entry in the database has already been deleted. Ergo, the system is unable to verify your artefact and sends an unverified ID message to the frontend, because of which the human stops you.

The problem is exacerbated by data privacy laws, data retention policies and other factors which obligate companies to delete records after a certain period of time. I illustrated this with the example of the leading IT company in Drivers Of Cult Loyalty.

… a leading IT company that manufactures computers, printers, storage systems and software. I’ve been this company’s customer for over a decade and registered on its website ages ago. However, every time I call its customer care telephone number, I’m asked to repeat my contact info. Its CSR tells me that the company purges customer information once in three months apparently because it won’t allocate more storage to keep customer information for longer periods!

Furthermore, most documents used for ID are merely proxies for ID like Drivers License. In other words, they’re not issued exclusively for ID. In many countries, people need to undergo a medical fitness test to renew a DL beyond a certain age. Therefore, it’s not possible to issue a DL with infinite validity. As a result, the ID function performed by the Drivers License stops when the DL expires although the ID has not changed.

A combination of these factors makes it futile to process an expired ID in a computer. Knowing this, human agents don’t accept an expired ID for verifying identity.

Unless they’re like the aforementioned receptionist who don’t enter the ID into the computer.


Robust systems do allow manual overrides during system failures and obvious cases of False Positives. But those are the edge cases.

Besides, many fields require workers to carry out tasks mechanically. Conditioned by their everyday routine, many human agents rely solely on the computer and don’t even look at the ID with their own eyes.

There’s this story about this luxury hotel in Bombay that goes back to the mid 1980s. One day, a gentleman walked up to the reception to check in. When he offered his ID, the receptionist grabbed it without even looking at him. As usual, she typed the name into the computer. R…A…J…I…V…G… and pressed the enter key. When she got the response, she jumped up and sputtered, “Welcome to Taj, Mr. Prime Minister”!

I don’t know if this story is true or not but I heard it firsthand from a highly-placed executive at the #1 hotel chain of India.


After a long period of using expiring ID-proxies like passport and drivers license, Indians now have a dedicated proof of ID in the form of Aadhaar Card, which has no expiry date. Therefore, the expired ID problem is no longer a thing in India.

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply