The Identity Hijack: Why ORCID’s 'Big Tent' is a Predator's Playground

The Illusion of Identity Stability

We have been sold a dream of "interoperability" that is rapidly becoming a nightmare of institutional drift. The recent discourse around ORCID’s expansion, celebrating nearly 10 million records and 1,500 member organizations, missing the forest for the trees. Persistent Identifiers (PIDs) were designed to solve the problem of name ambiguity, but in our rush to automate everything, we have inadvertently built the ultimate cloaking device for bad actors.

Identity involves more than a string of digits. It is about the honesty of the records sitting behind that number. The big mistake in the current PID world is the idea that being connected is the same as being trusted. It isn't. Connectivity, when you don't have tough people guarding the gate, just lets the rot of predatory publishing move faster through the digital system of science.

The Trojan Horse of Auto-Updates

Look at the "auto-update" feature. Fans say this saves researchers 154 hours of typing, but they ignore how it builds a slick pipeline for garbage. When a predatory journal (pretending to be real) pushes its data through a faked service, that lie flows right into an ORCID record. From there, it hits national archives like Portugal’s CIÊNCIA ID or Germany’s GND, and ends up in Scopus. By then, it looks real. It has been "validated" by five different systems. We aren't just building bridges here. We are paving superhighways for paper mills.

By the time anyone notices the paper is a fabrication, it has already been "validated" by five different trusted systems. As Alice Meadows and Josh Brown noted in their recent white paper, commissioned by ORCID to explore the synergy between national and global identifiers, the goal is often to have data flow seamlessly. However, we must ask: what happens when that flow is toxic? We aren't just building bridges; we are building superhighways for paper mills.

The Rise of the 'Verified' Ghost

We've entered a cynical era of identity laundering. Scams now involve predatory publishers begging authors to link their ORCID iDs, not for the sake of a clean CV, but to siphon off the platform's prestige. A profile can look pristine, decorated with "trust markers" from elite schools, while quietly masking a dozen entries from journals that exist only to collect fees. If we don't start checking the quality of data entering these profiles, the system becomes a skeleton key for thieves. The so-called "village" is too busy applauding efficiency metrics to notice the fire.

If we continue to lower the barriers to participation without increasing the rigor of the data being fed into these profiles, ORCID will cease to be a tool for researchers and become a master key for fraudsters. The "village" it takes to raise these systems is currently full of people looking the other way because they are too busy calculating time-saving metrics.

Radical Proposal: The Reputational Firewall

To save the integrity of the scholarly record, we must move beyond the "ORCID and" philosophy and toward a "Verified or Nothing" stance. First, we need mandatory audits. PIDs should not be forever if the record is a mess. We need a way to kill identifiers linked to fake content. Second, create levels of trust. Linking to a national file should mean more than self-reporting a paper from an unknown journal. We need a visual proof of trust for every ID.

We are at a crossroads. We can have a system that is easy to use, or a system that is trustworthy. History shows that in scholarly publishing, you cannot have both. If we don't start guarding the gates of identity, the predators won't just be at the door, they'll be the ones holding the keys.