ID Theft Costs Banks $1 Billion A Year
from the ouch dept
Identity theft is still a crime that doesn’t get enough “respect” from authorities, so it’s good to see some people trying to quantify the costs – even if they might be a little questionable. The latest study says that identity theft costs
banks $1 billion a year. Banks get hit hardest as identity scammers hit them up for home loans or credit cards, and the banks have no way of verifying the person is who they say they are. As the article points out, the scarier part isn’t so much the money, but the lack of any real system being put in place to stop identity theft.
Comments on “ID Theft Costs Banks $1 Billion A Year”
so silly
The problem is poorly designed systems that permit id theft. We don’t need systems that correct for it…we need systems that don’t permit it at all.
In other words: capabilities, just like computer science has known about for 40 years.
For example: why do driver’s licences have name, D.O.B etc on them? Why not just have a card with a photo and the legend “the person whose photo is on this card is licensed to drive through 1-jan-2004.” If you lose your wallet you still have to go get another…but the thief doesn’t get your name.
Etc….the hell with patching screwy systems; just fix ’em!
Maybe a different approach is needed...
DV may be on to something. Until now, the approach has been to tie as many information sources together, in the hopes that if someone tried to falsify an identity, some obvious conflict between bits of information would arise and hoist them by thier own petard, so to speak.
However, maybe the answer is to isolate identity information by intended purpose as much as possible, so that compromising one source doesn’t allow access to other sources. Hmmm. I’m not sure how this would be put into practice, and the Office of Total Information Awareness wouldn’t like it much, but it is an interesting idea.
Re: Maybe a different approach is needed...
Such systems do get proposed but selection committees almost always choose the surveillance option. Example: “speedpass” systems for toll collection: you could make them function like cash, or you could make each have a unique ID with billing info connected to it. Guess which is always chosen?
The only exception I know is subway system billing systems (NYC, BART, Washington metro). Those cards really are cashlike. I think it’s because of the importance of keeping the transaction time for setup (i.e. card purchase) low.
Tool collection records have been subpoenaed in divorce and criminal cases. I think it’s only a matter of time before the same happens in the TIA’s new travel records. And once that happens, all bets are off.
Oh, and how to put these non-privacy-leaking systems into practice?
This process had been working to prevent the unification of driver’s licence records. It remains to be seen how well it will continue to work.
No Subject Given
Integrated systems are always more vulnerable to tampering. The exact same thought process works in computer security too. I like to run discrete apps for email, web, PIM, etc versus an all in one approach like Outlook.
We are hosed though. Government has fantasized about the ultimate information database for years and now they might be able to make it a reality. My only hope is that it being government, they will never succeed in succesfully analyzing the data.