Last night, at a talk on public policy and identity, Jim Harper gave an interesting example of why creating stronger credentials doesn't necessarily result in greater security. He held up a $20 bill and a $1 bill and noted that the first had undergone two upgrades in the last decade while the latter was largely unchanged. Why? The benefit of counterfeiting a $20 bill is much greater, so it needs greater protection.
The same logic applies to identity credentials. The more valuable having an identity credential is, the more likely it is to be counterfeited. Consequently, the more money you have to spend to protect it. Coincidentally, today I saw this story about a DHS official convicted of taking bribes to fake documents.
Jim, speaking of RealID, estimated that a documented worker could make at least $100,000 more over a decade than an undocumented worker. That's a powerful incentive to fake documents. You've got to put security measures in place which offset that incentive. Clearly, paying a DHS offical $30,000 for citizenship was worth it to brokers who resold the documents. How much more likely is this scenario when the task of issuing a RealID is placed in the hands of thousands of DMV workers across the country?
It's often said that the goal of encryption isn't to perfectly protect a document, but to make getting at its contents more costly that the contents are worth. That story's playing out in the world of credentials as well.
Having multiple credentials is not only smart from a "not putting your eggs in a single basket" perspective, it's also more efficient. No sense protecting your Starbucks Coffee Card to the same level you protect a passport. Real security won't come from a single, all-powerful identity credential, but from a healthy ecosystem of useful, practical, and effective identifiers.