Whilst I share Jim's cynical (sorry!) view, it is still the case that we
need to be seen to be doing our bit to prevent fraud.  Taking
straightforward steps such as using holograms and reasonably unique
watermarked/security marked parchment is not a huge price to pay for
inspiring confidence amongst our honest users that the certificate they have
is 'valuable' and 'special'.   Our graduates deserve an 'expensive' looking
product!
-----Original Message-----
From: J.S.M.Whitaker <[log in to unmask]>
To: [log in to unmask] <[log in to unmask]>
Date: 19 March 2001 17:01
Subject: Re: Transcript authentication


Andrew

Could I advance the argument that security features such as you list
are, nearly, a waste of time/money?  The issue has arisen time and
time again with our degree certificates.

Why??

Suppose I am desirous of a nice Sheffield transcript but don't want
to do three year's hard labour.  I get some nice security paper and
a holograph sticker.  Print up an impressive certificate highlighting
the security features I have built in.  Even have a look at your web
site to copy the corporate style.

The average recipient is going to look at this and think "OK that's
what he did, give him the job".

Sure, any outfit with a good bureaucratic organisation will ignore the
paper I provide and write to you asking what I received from you etc
etc.  But lots and lots of people never do that.  So all your clever and
expensive security procedures are wasted because the only people
who know that they should be on the certificate are you and you
probably do your checks against your formal student record.

I know that if anyone asks us if a particular degree parchment is
correct, we don't ask to look at the paper which they might have but
look at our formal record.

My argument would be that one might want to implement something
cheap and cheerful which means that the truly stupid who use
Tippex (remember that) and type in a new name ought to be
detectable by eye.  It happens surprisingly often with our degree
certificates!

I'm copying this to the list because I think it is of more general
interest and look forward to seeing your summary.

Regards

Jim Whitaker

================================
On 19 Mar 01, at 15:46, ANDREW WEST wrote:

From:                   "ANDREW WEST" <[log in to unmask]>
To:                     [log in to unmask]
Date sent:              Mon, 19 Mar 2001 15:46:27 -0000
Subject:                Transcript authentication
Priority:               normal

> The issue of
> authentication has arisen and I would be very interested in hearing views
> from colleagues on the merits of using, for example:
>



*****************************************************************
* J.S.M. Whitaker                  [log in to unmask]
* IT Support Manager
* Academic Office                  Tel: 0121-414 3811
*                            (Secretary 0121-414 3812)
* The University of Birmingham     Fax: 0121-414 6864
* Edgbaston
* Birmingham      B15 2TT
*****************************************************************