2005 | OriginalPaper | Chapter
Messin’ with Texas Deriving Mother’s Maiden Names Using Public Records
Authors : Virgil Griffith, Markus Jakobsson
Published in: Applied Cryptography and Network Security
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
We have developed techniques to automatically infer mother’s maiden names from public records. We demonstrate our techniques using publicly available records from the state of Texas, and reduce the entropy of a mother’s maiden name from an average of close to 13 bits down to below 6.9 bits for more than a quarter of the people targeted, and down to a zero entropy (i.e., certainty of their mothers maiden name) for a large number of targeted individuals. This poses a significant risk not only to individuals whose mothers maiden name can easily be guessed, but highlights the vulnerability of the system as such, given the traditional reliance of authentication by mother maiden names for financial services. While our techniques and approach are novel, it is important to note that these techniques – once understood – do not require any insider information or particular skills to implement. This emphasizes the need to move away from mothers maiden names as an authenticator. Using the techniques described, during testing we were able to deduce the mother’s maiden name for approximately 4,105,111 Texans.