According to The New York Times:
Undercover Congressional investigators successfully smuggled into the United States enough radioactive material to make two dirty bombs, even after it set off alarms on radiation detectors installed at border checkpoints, a new report says.
The reason is interesting:
The alarms went off in both locations, and the investigators were pulled aside for questioning. In both cases, they showed the agents from the Customs and Border Protection agency forged import licenses from the Nuclear Regulatory Commission, based on an image of the real document they found on the Internet.
The problem, the report says, is that the border agents have no routine way to confirm the validity of import licenses.
I’ve written about this problem before, and it’s one I think will get worse in the future. Verification systems are often the weakest link of authentication. Improving authentication tokens won’t improve security unless the verification systems improve as well.