Modernizing Authentication — What It Takes to Transform Secure Access
The six Citibank television ads use voice overs to bring home the point that a lot can go wrong if someone obtains of your personal information. The ads touted Citibank's identity theft solutions, but three of the ads actually told the tale of another type of crime: credit card fraud.
Like many plagues of our wired society, such as spyware and spam e-mail, identity theft is not easy to define. But financial institutions do make a distinction between fraud -- someone making a charge to your credit card, for example and identity theft, where someone assumes your identity to open new accounts, take out loans, and even sell your home.
To the financial institutions, there is a distinction because they feel great strides have been made toward addressing fraud. Is there a difference for consumers?https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i ''To the consumer, absolutely not,'' said Jerry Silva, a senior analyst with the TowerGroup, and co-author of a report called ''Five Certainties in the Uncertain World of Identity Theft.'' Silva said that when you ask consumers about identity theft today, you often get a story about how unauthorized charges were made on their credit card, the charges were reversed, and a new card was delivered within days. ''Even though the policy may state you are responsible for the first $50, few companies are going to enforce it,'' he said.
That's because credit card companies feel they have solved the problem of transactional fraud to the point where it has become the cost of doing business. By using technology that detects patterns and anomalies, instances of credit card fraud can be detected by card companies before the consumer knows about them.
''When you ask consumers about fraud, they are OK with it,'' Silva told InsideID. ''They would rather it didn't exist, but they live with it.''
The Federal Trade Commission's (FTC) 2003 identity theft data cites 9.9 million cases. But 33 percent of those cases are instances of credit card fraud. The actual FTC database for its identity theft clearinghouse, where actual cases of someone stealing another person's identity are reported, recorded 214,905 cases in 2003 and 161,00 in 2002, according to Silva's co-author Christine Pratt, who is also with TowerGroup. ''That's pretty far removed from 9.9 million,'' she said.
Pratt said the numbers for millions of cases of identity theft just don't add up. If there are 100 million people in the United States eligible for credit and nearly 10 million cases of identity theft each year (and rising), within 10 years we'll all be someone else.
''Everything that isn't a physical branch or bank robbery today is [labeled] identity theft,'' Pratt said. A much bigger problem, in her eyes, is the increase in real estate fraud, which is potentially much more expensive and much more difficult for consumers to clear up. The FBI reported 12,000 cases of mortgage fraud in 2004, up from 4,200 in 2001. Victims can lose their homes or even have their house sold out from under them.
Does the Distinction Matter?
The problem with labeling cases of fraud as identity theft is that it sets off mass hysteria, fanned by the media and politicians. Legislation then comes down the pipe that can be a burden to financial institutions and increase the cost of doing business. The U.S. Congress responded to the identity theft outcry by extending the preemption of the Fair Credit Reporting Act (FCRA) and adding the Fair and Accurate Credit Transactions (FACT) Act.
One of the least expensive ways to combat identity theft is to educate consumers about potentially risky ways of handling their personal information, but because of the way fraud cases have been handled, there isn't a lot of incentive for consumers.
''The educational process is absolutely necessary, but the fact that they aren't holding consumers liable de-motivates consumers,'' Silva said.