Is It ID Theft Or Was The Bank Robbed?

from the which-one-seems-more-accurate dept

Via Clay Shirky, comes a very good point from Kevin Marks concerning claims of "identity theft," where he notes that identity theft is not actually an identity being stolen but is usually a bank/credit card company being robbed and passing off the blame for their own poor security on the victim. He point to a brilliant comedy routine by Mitchell and Webb that makes this all pretty clear:
"They took all the money? That sounds more like a bank robbery."
"No, no. If only. 'Cause we could take the hit. No, no. It was actually your identity that was stolen, primarily. It's a massive pisser for you."
"But, it's actually money that's been taken..."
"From you?"
"Kind of."
"I don't know what you want from me other than my commiserations."
"You see it was your identity. They said they were you!"
"And you believed them?"
"Yes, they stole your identity."
"Well, I don't know. I seem to still have my identity, whereas you seem to have lost several thousands of pounds. In light of that, I'm not sure why you think it was my identity that was stolen instead of your money."
The problem isn't "identity theft." It's bad security and verification processes by a financial institution.

Filed Under: identity theft, scams, security

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    Claus Rasmussen (profile), 19 Aug 2009 @ 1:22pm

    online banking security

    If things really are as fairly simple in US online banks as described here, I would agree that banks are partly to blame for lack of verification. Of course the moron sitting 40 cm behind the screen surfing pr0n sites or installing emoticons via activeX in IE6 has his/her part of the blame as well.

    My danish bank (actually both the 2 I use nowadays) use a code card with random one-time codes required for each single monetary transaction made in the web-bank. Whenever I've used the 80 codes on my card, I get a new card in the snailmail. Before entering the webbank, I use my SSN and a bank-generated password (10 letters, digits and chars), and one of the codes from the card.

    On top of that, the webbank interface works like a charm in FF, Opera, Safari as well as IE8, so I don't need to be a moron and keep on using IE6 on winME or whatever a moron would do...

    The hassle of using these codes is really not an issue - especially when taking the benefits into consideration.

    Most banks here in Denmark use sort of a dongle file, which you need to store on your computer, which is then queried when making transactions. This solution makes it a bigger hassle to use your work computer to access the web bank, and I believe those solutions also have bigger problems with browser compatibility. But still, it gives a higher level of security.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.