Taking Steps to Deter Identity TheftHaven't we all read the statistics about banking fraud and identity theft and dismissed any personal impact as remote, or rationalized that impersonal financial institutions are picking up the cost? Then it happens to you. Then it happens to someone famous.
It happened to me. This fall, I received a call from one of my credit card issuers suggesting it had seen unusual activity on my account. The issuer asked whether I had made any large transactions. I indicated nothing unusual. The representative noted that my balance included $11,000 from three transactions at an electronics store and a wholesale cigarette merchant. The issuer accepted my comment that I had not made these transactions and placed them in dispute.
However, the situation worsened. Whoever perpetrated the incident also changed my statement address. I was instructed to check with each of the major credit bureaus to ensure that no other accounts were opened in my name. So far the incident appears under control, but it does raise the level of concern.
It happened to Tiger Woods. In December, professional golfer Tiger Woods was the alleged victim of a fraud and identity theft. Woods testified in a Sacramento, CA, case that he had not made $17,000 in purchases and a deposit on a used car that were charged to his credit card.
Prosecutors have filed six counts of felony identity theft and perjury in the case against a defendant who is accused of buying electronics, furniture and other items using Woods' accounts.
Doesn't sound like a smart criminal to brazenly use a celebrity's credentials. This incident likely will receive the highest level of investigation. And it does show that even an amateur can beat the system.
What is identity theft? Identity theft includes several types of fraud in which a criminal is able to place transactions on a charge account without authorization of the owner, or opens a credit account using someone else's identity. In most cases, obvious fraudulent credit card transactions are placed in dispute with the customer having little or no responsibility. Ultimately, transaction frauds are very expensive for lenders, and automated measures are being continually developed to identify and intercede on high-risk transaction patterns. The more serious situations for consumers include cases involving debit cards and loan accounts opened without the victim's knowledge.
Fraud on debit/ATM cards is serious. Customers rely on the integrity of their checking accounts to pay their bills. Banks and the card associations have encouraged the introduction of debit cards, which are positioned to eliminate the need for cash for many routine transactions. If the ATM card carries the association logo, it can be used for any transaction just like a credit card. Fraudulent transactions applied to a debit card can be a serious concern for the consumer because they can prevent access to deposits needed for routine situations.
Fraudulent opened accounts are serious incidents. The worst cases reported are those that involve a criminal's ability to obtain enough information to open lending accounts in someone else's name with billing to a different address. Telephone or wireless accounts are also frequent targets. In this case, a customer may not know a fraud is being committed until the account has been maxed out and debt collectors become involved. Incidents have been reported of victims being spied upon by investigators and even being arrested because of delinquency on a fraudulent account opened without the innocent consumer's knowledge.
Credit bureau reports can be hard to fix. The types of identity theft mentioned can leave a victim with a deteriorated credit report. Making the corrections can be time consuming. During the interim, the victim could be turned down for new accounts, mortgages or credit line increases and miss receiving attractive rate offers that preferred borrowers receive. Much time can be spent contacting lenders individually, preparing documentation and verifying action taken. Legal assistance also may be required.
Social Security number replacement is daunting. The more serious types of identity theft center on the availability of a victim's Social Security number to apply for new credit accounts or approvals for transactions. In some cases, victims will want to replace their Social Security number and then verify that their contributions continue to be properly credited. Changing all the other accounts that rely on Social Security numbers, such as securities, tax, driver's licenses, library cards and student/employee IDs, can be frustrating.
Where do criminals steal data? Data can be stolen from several sources, including stolen wallets, pilfering mail, searching through trash, fraudulently obtaining a credit report or paying off an employee who has access to application or transaction data. There also have been several notable cases where customer data have been stolen in bulk from marketing companies.
Potentially, the Internet has accelerated identity theft in three ways. First, data such as Social Security numbers and credit bureau reports have become available from both legal and illegitimate Web sites. Second, customer data shared for making transactions are at times unsecured. Third, several companies have had electronic break-ins during which sensitive customer data have been stolen.
What are the remedies to maintain consumer confidence? Consumers must take precautions, which are being actively promoted in broad consumer media. The challenge to the industry is to place the procedural and systematic protections in place that build consumer confidence in using the many conveniences that the Internet offers to serve their financial needs. Additionally, protections such as credit monitoring reports and insurance can help customers spot identity theft incidents and help cover legal costs.
Smart card technology. One solution to building consumer confidence in transacting over the Internet are smart cards. In September 1999, American Express launched its Blue card product, which spokeswoman Judy Tenzer described as "phenomenally successful." Embedded in the card is a unique digital certificate that is scanned by a card reader connected to a customer's computer to provide authentication. A PIN is set up for each customer and, in combination with the digital certificate, provides additional security for Internet transactions similar to that provided by an ATM card, which requires a code to be used to confirm a transaction. A smart card is a great account for those who plan on making frequent Internet transactions.
Control payment number technology. Several major card issuers, including MBNA and Discover, are offering an Internet security service developed by Orbiscom, New York. O-power creates unique account numbers for each online transaction. This number is unique to a particular user-defined transaction and is linked back to the main card. The main card number is never revealed, and so customer risk is controlled. This solution does not require an entirely new card to be issued.
Credit report monitoring and insurance protection. Less hi-tech but certainly valuable services are found in the categories of credit monitoring and insurance protection. Monitoring services proactively report any accounts opened or negative information applied to subscribers' credit bureau reports. Insurance plans available to issuers and their customers provide benefits that will defray legal and out-of-pocket expenses that consumers will face when they are forced to fight a serious identity theft incident.
• Kenneth G. Kraetzer is a vice president at CBSI, Harrison, NY, and an adjunct professor in the direct marketing master's degree program at Mercy College, Dobbs Ferry, NY. His e-mail address is firstname.lastname@example.org.