The Arcot Advisor - Did You Know

   
 

Keep Your Identity Safe

A recent report issued by Javelin Strategy and Research indicates that security fraud is leveling off. Javelin's 2008 report states that total fraud over the past year showed a $6 billion decrease from 2007's numbers, continuing last year's trend. This 12 percent decrease is largely the result of persistent efforts by consumers, industry and government to pursue stronger defenses and proactive protective measures.

The good and the bad

In addition, the number of identity-fraud victims has decreased for the fifth straight year, down by 300,000 from the previous year's numbers. The report states that since 2003, the incidence rate of identity fraud has decreased by more than a full percentage point. Javelin credits this drop to consumer and organizational prevention efforts, as well.

Still, a reported 3.58 percent of U.S. adults (that's 8.1 million people) were victims of identity fraud during the past year. Furthermore, the average consumer cost increased by 25 percent over 2007, from $554 to $691 for 2008. The report's authors suggest that this increase is probably caused by increasingly sophisticated fraud techniques, especially as used in "new accounts" fraud (in which thieves use a victim's personal information to open and use a new account).

Criminals shift tactics

Like water flowing downhill, criminals rush to areas of least resistance. Mail-order and telephone-order theft jumped from 3 percent of fraudulent transactions in 2007 to 40 percent in 2008, suggesting that identity thieves are shifting to less-secure technologies as a means of stealing personal information.

One of the newest techniques, vishing, is a form of verbal social engineering (i.e., manipulating a victim into divulging information by pretending to be a legitimate person or institution). Vishing uses a deceptive phone call, typically through Voice over IP (VoIP) messaging or other telephone networks, to gain personal or financial information from victims. Vishing is a growing concern. As of 2007, less than half of the top 25 financial organizations had deployed two-factor authentication for telephone banking. Many financial institutions still authenticate customers by asking for their Social Security number or bank account number.

Information technologists at banking and financial institutions need new workflow processes that better address customer safety. Not taking this step means that consumers are likely to grow increasingly insecure about using technology and eventually may decline to provide the personal information necessary for electronic banking to operate.

Tips to stay safe

How can you better protect customers from vishing and other identity-theft schemes? The following tips provide a good starting point.

  • Eliminate use of the nine-digit Social Security number as a means of identification or authentication.
  • Educate customers through straightforward guidelines about the most effective prevention and detection measures. Tell consumers how to protect themselves against fraud.
  • Empower customers by allowing them to switch paper statements, checks and billing to a more-secure, electronic format.
  • Let customers set boundaries by giving them tools to define limits, restrictions and prohibitions through any channel — computer, phone or on-site.
  • Establish strong internal controls such as two-factor authentication for all online and telephone transactions.
  • Secure sensitive consumer data by exempting it from disclosure.

For more information about the Javelin report or about Arcot's approach to fighting identity theft tactics, visit www.arcot.com or call
1-866-99-ARCOT.
 

 

(If your operating system does not support using a Print button,
simply use your Web browser's "Print" command instead.)


©2008 Arcot All rights reserved.