Passport Identity Theft: Document Fraud and US State Department Procedures
Passport identity theft sits at the intersection of federal criminal law, international travel security, and identity fraud — making it one of the more operationally complex categories within the broader identity theft landscape. This page covers how fraudsters exploit the US passport system, the regulatory and investigative framework governing document fraud, and how the US Department of State responds to confirmed and suspected cases. Practitioners, researchers, and affected individuals navigating this sector will find the key classification distinctions and procedural steps outlined here.
Definition and scope
Passport identity theft occurs when a person's identity documents — or the identity data tied to them — are used without authorization to obtain, alter, or fraudulently use a US passport. This category of fraud encompasses both the theft of physical passport documents and the fraudulent application for new passports using stolen personal information.
Under 18 U.S.C. § 1543, forging or falsely making a passport carries a federal penalty of up to 25 years imprisonment when the offense is connected to drug trafficking or terrorism, and up to 10 years in other cases. 18 U.S.C. § 1544 separately addresses misuse of a passport — applying it to a person other than the intended holder. These statutes, enforced by the US Department of State's Diplomatic Security Service (DSS) and the Department of Justice, define the legal perimeter of the offense.
The scope of passport fraud extends beyond individual victims. The US Department of State Bureau of Consular Affairs administers the passport issuance system for over 22 million passports issued annually (US State Department, Passport Statistics), creating a large-scale target surface for organized fraud rings as well as opportunistic individual actors.
Passport identity theft intersects closely with related fraud categories — including Social Security Number misuse, birth certificate fraud, and synthetic identity schemes — that are documented across the identity theft provider network.
How it works
Passport document fraud follows recognizable operational patterns that fall into 4 primary mechanisms:
-
Fraudulent application using stolen identity: The offender gathers a victim's personally identifiable information (PII) — name, date of birth, Social Security Number, and supporting documents — and submits a legitimate passport application in the victim's name, redirecting delivery to a controlled address. The resulting passport is genuine in issuance but fraudulent in representation.
-
Alteration of a genuine passport: A legitimately issued passport is physically modified — photo substitution, date changes, or biographical data alteration — to extend its usability or transfer it to a different holder.
-
Use of counterfeit passports: Fully fabricated documents replicating the appearance of US passports, often exploiting gaps in verification at points of entry with lower biometric screening capacity.
-
Theft of a genuine passport and impersonation: A stolen passport is used by someone with sufficient physical resemblance to the legitimate holder, often combined with supporting forged documents.
The Diplomatic Security Service (DSS), operating under the State Department, holds primary federal investigative jurisdiction over passport fraud. DSS coordinates with the FBI, US Customs and Border Protection (CBP), and the Social Security Administration (SSA) when identity fraud spans multiple federal systems — a pattern common in organized schemes.
Common scenarios
Passport fraud manifests across 3 dominant scenario types in federal enforcement records:
Child passport fraud: A parent or guardian obtains a minor's passport without the consent of the other legal guardian, violating 22 C.F.R. § 51.28, which requires both parents' consent or a court order for minors under 16. This scenario frequently intersects with international parental abduction cases tracked by the National Center for Missing and Exploited Children (NCMEC).
Deceased identity exploitation: Fraudsters obtain birth certificates of deceased individuals — particularly those who died in infancy before Social Security records were digitized — and use that identity to apply for a legitimate passport. This is a foundational step in synthetic identity construction and has been documented in federal prosecutions involving financial fraud networks.
Employment and immigration fraud: Fraudulently obtained or altered passports are used to establish false work authorization, circumventing I-9 verification requirements administered by US Citizenship and Immigration Services (USCIS). Employers using E-Verify encounter this pattern when passport data fails biometric cross-reference checks.
Victims often do not discover passport fraud until they attempt to renew their passport, are flagged at a border crossing, or receive an IRS notice tied to income earned under their identity by another person. Reporting pathways and service providers operating in this space are accessible through the identity theft providers.
Decision boundaries
The critical classification distinctions in passport fraud cases determine which federal agency leads investigation and what remediation path applies:
| Scenario | Primary Jurisdiction | Key Statute |
|---|---|---|
| Fraudulent passport application | DSS / DOJ | 18 U.S.C. § 1542 |
| Passport forgery or alteration | DSS / FBI | 18 U.S.C. § 1543 |
| Passport misuse (impersonation) | DSS / CBP | 18 U.S.C. § 1544 |
| Child passport consent violation | State Dept. / NCMEC | 22 C.F.R. § 51.28 |
| Cross-system identity fraud | FBI / SSA / IRS | Multiple statutes |
A passport fraud case that involves only document forgery without evidence of broader identity theft falls under DSS primary jurisdiction. When a fraudulently obtained passport is used as a foundation for opening financial accounts, the case crosses into broader identity theft territory — triggering coordination with the FTC's identity theft response framework under the FTC Identity Theft Program.
Victims reporting passport theft or suspected fraudulent use file reports directly with the State Department's Passport Fraud Unit and simultaneously with the FTC at IdentityTheft.gov. CBP maintains a separate notification system for stolen passports through the INTERPOL-linked Stolen and Lost Travel Documents (SLTD) database, which flags compromised documents at international entry points.