Modernizing Authentication — What It Takes to Transform Secure Access
Online consumers are growing increasingly wary of identity theft and that fear is hurtinge-commerce, according to industry analysts. Protecting customer data -- while it's intransit, while it's stored in databases and while it's being shared with business partners-- is a critical component in the fight against this costly form of fraud.
''IT managers need to take a hard look at their own security,'' says Jay Foley, co-executivedirector of the San Diego-based Identity Theft Resource Center. ''Who has access to theirsystem? What kind of security is around it? Who has access to that information when it'ssitting in their database? These are questions that have to be answered.''
A new study from industry analyst firm Gartner Inc. this week highlighted the identity theftproblem.https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i Identity theft incidents grew by 79 percent in the 12 months between June of 2002 and Juneof 2003, according to the Gartner report. That means 7 million U.S. adults, or 3.4 percentof U.S. consumers, were victims of identity theft during that one-year period. And it's acrime largely going unpunished. Gartner analysts say that thieves have better than a one in700 chance of being caught by federal authorities.
''Many banks, credit card issuers, cell phone service providers and other enterprises thatextend financial credit to consumers don't recognize most identity theft fraud for what itis,'' says Avivah Litan, vice president and research director for Gartner. ''Instead, theymistakenly write it off as credit losses, causing a serious disconnect between the magnitudeof identity theft that innocent consumers experience and the industry's proper recognitionof the crime. This causes a disincentive to fix the problem with the urgency it requires.''
Identity theft is defined as a thief stealing a person's identity by lifting criticalpersonal information, like credit card numbers, Social Security numbers, bank accountinformation, driver's license information and address. The thief uses that information tomake purchases, open up lines of credit and even obtain illegal loans.
But while identity theft incidents are on the rise, some analysts have doubts that it'srisen by nearly 80 percent in the last year.
''We have been believing for quite a while that credit reporting agencies and creditors havemisreporting identity theft,'' says Foley. ''They've been misclassifying it as generalfraud. The real numbers haven't been coming out. Part of it is that we're becoming moreaware of it, but I do believe the problem is becoming worse.''
Christine Pratt, a senior analyst with the TowerGroup, an analyst firm based in Needham,Mass., says identity theft is a growing problem, but she doesn't think it's growing as fastas Gartner is reporting.
''I did not find anywhere near that big of a jump,'' says Pratt. ''I would say it has grownbut certainly not to that extent.''
The U.S. Federal Trade Commission (FTC) has made major efforts to report identity theft andcalculate its effect on the e-commerce industry.
Last year, there were 161,819 cases of identity theft reported to the FTC. The agency alsoreported that identity fraud complaints were the most common type of fraud complaintreported by American consumers in 2002, accounting for 43 percent of all FTC complaints.Nationwide, identity theft reports nearly doubled last year, totaling more than 160,00 withlosses of more than $343 million.
Whether identity fraud has jumped 80 percent or five percent, fear of it is creeping intoU.S. consumers, hindering online shopping.
''I wouldn't be the slightest bit surprised if 25 percent or 30 percent of the population isflat out afraid to try e-commerce because of identity theft,'' says Foley. ''When e-commercefirst got started, people were afraid they would order one thing and get another, or theywould order something and it would never come. Now there is a new level of fear coming intoplay. People have to think if what they're seeing is real or is it just another scam to getmoney and information out of them.
''Now people are worried their information will be used to ruin them,'' Foley adds.
But consumers aren't the only ones feeling the ill effects of identity theft, says aTowerGroup report.
Lending institutions are getting hit hard. A recently released TowerGroup report notes thatU.S. lender losses due to identity theft total more than $1 billion annually.
''Lenders have always been willing to accept a certain amount of risk,'' says ChristinePratt, a senior analyst at the TowerGroup Consumer Credit practice. ''Fraud losses, ifthey're not actively rising, have been an area of complacency... Financial institutionsshould take a strategic, enterprise-wide approach to implementing technology solutions todeal with fraud, and identity theft in particular.''
Pratt and Foley agree that IT managers will play a critical role in stopping identity theftand reassuring consumers about the safety of buying online and giving out their personalinformation.
''In terms of IT managers, they need to look at how secure information is when it comes tothem and how secure it is when it's under their control,'' says Pratt. ``How secure is theinformation when it goes to other parties they do business with? How safe is it from thirdparties they share information with? How safe is it from their employees when it's sittingin their database?''