New Visitors Privacy Policy Sponsorship Contact Us Media
Baby Boomers Family Green Home and Auto In Critical Condition Just Starting Out Lifestyle Money
- advertisement -
Bankrate.com
News & Advice Compare Rates Calculators
Rate Alerts  |  Glossary  |  Help
Mortgage Home
Equity
Auto CDs &
Investments
Retirement Checking &
Savings
Credit
Cards
Debt
Management
College
Finance
Taxes Personal
Finance

The growing problem of ID theft -- Page 2

Ironically, where account security is concerned, the big players, such as Bank of America and Citibank, may find themselves at a disadvantage, owing to the difficulty of adapting older "legacy" databases to today's tighter security configurations. As the headlines suggest, the bigger they are, the easier they may fall.

- advertisement -

"Encryption in a legacy system environment is much more difficult," says Linden. "Carving out the cardholder's name and keeping it in a separate database from the card number and having some sort of algorithm so that you can make a match when you put the two together is not something that is achievable with a big, giant checkbook as much as with a technical infrastructure that is much more fluid. Some of the more medium-size companies like mine have fresher technological infrastructures. Encryption is an absolute requirement in my book."

Despite its efforts to cut its exposure to fraud, the credit card industry has been criticized for being less concerned with cardholder privacy than its own profitability. Frank says the CardSystems breach is a good example of what she calls their "laissez-fair attitude."

"CardSystems was just retaining stuff that they shouldn't have been retaining. There should have been oversight by Visa and MasterCard. They say in their contract that you're not supposed to do that, but if there is no enforcement, no oversight, what the heck are they keeping this information for?"

Greater data dangers ahead
If credit card fraud is the tip of the iceberg, the scarier portion of identity theft is the data piracy that has become pandemic in recent years. With the advent of the Internet, a sophisticated black market has sprung up online to buy and sell your personal data without your knowledge or consent. Some of this comes from public records; if you've ever had a driver's license or home mortgage, you're in these databases. Add these readily available identifiers to other electronic bits and pieces, such as account numbers and Social Security numbers acquired through more nefarious means, and identity thieves have the makings of a new identity they can use as they wish.

"If you look at the kind of information they got from ChoicePoint, well, you don't even know what's in your ChoicePoint file, do you?" Frank asks. "They go out and search these databases they purchase until they have 30 or 40 pages on you. I've seen mine and it has a lot of stuff that is even wrong. That to me is even more terrifying."

Linden agrees.

"There is a gang effort out there: You've got the name guys and the numbers guys and the street-address guys and the Social-Security guys. We have to continue to have all parties meet a standard, and at that point it would make it so tough that these guys would just throw in the towel."

Chris Hoofnagle, senior counsel with the Electronic Privacy Information Center, a San Francisco-based nonprofit research center, says credit-granting institutions such as credit card companies, banks and other lenders have made it far too easy for identity thieves to obtain credit in somebody else's name.

His solution: a credit freeze that would enable consumers, not the credit bureaus, to determine who may access their credit report. The freeze keeps your credit report closed until you agree to let someone view it. So far, just five states -- California, Texas, Vermont, Louisiana and Washington -- have given individuals the power to ice their credit reports, though several more will do so over the next year.

"The business community has made it clear they don't like credit freeze, but it already exists in some states, so it's coming," says Hoofnagle, who also advocates greater consumer control over the accuracy of their credit reports.

Many states have instituted other prudent practices to prevent ID theft, including eliminating the use of Social Security numbers as identifiers on driver's licenses.

More worrisome for the credit card industry is California's notification law that took effect in July 2003. It requires companies to notify individuals when any personal data stored electronically has been compromised. The law has certainly spawned an increase in reported breaches, though appearances may be misleading.

"We tend to think that these security breaches have been occurring for some time and we're just now learning about them," Hoofnagle says. "Companies will really twist themselves into pretzels trying to avoid giving notice."

Hoofnagle says the business lobby that has been fighting notification at the state level has now taken its campaign to Washington. There, it will likely attempt to have its cake and eat it too by compromising on consumer "protection" legislation that requires mandatory notification only when the compromised company thinks the data may be used for fraud. The trump card in this scenario: the watered-down national legislation would pre-empt the meatier state laws.

Until that battle is waged, your identity remains a highly fluid and marketable commodity that high-tech thieves may hijack at the click of a mouse.

The best way to avoid exposure is to elect a credit freeze (if you live in an eligible state) on your credit report by notifying the three credit reporting agencies (Experian, Equifax and TransUnion).

The rest of us can place a fraud alert on our credit report with any of the credit reporting agencies, which are then required to notify you should someone attempt to open credit in your name.

Bottom line: Limit your exposure, check your credit report frequently and urge your congressional representatives to vote for credit freeze and breach notification initiatives.

Jay MacDonald is a contributing editor based in Mississippi.

 
 
-- Posted: July 20, 2005
   

 

 
 

 

Looking for more stories like this? We'll send them directly to you!
Bankrate.com's corrections policy
Print   E-mail

30 yr fixed mtg 3.98%
48 month new car loan 3.22%
1 yr CD 0.71%
Alerts


Mortgage calculator
See your FICO Score Range -- Free
How much money can you save in your 401(k) plan?
Which is better -- a rebate or special dealer financing?
VIEW MORE CALCULATORS

BASICS SERIES
Begin with personal finance fundamentals:
Auto Loans
Checking
Credit Cards
Debt Consolidation
Insurance
Investing
Home Equity
Mortgages
Student Loans
Taxes
Retirement

MORE ON BANKRATE
Ask the experts  
Frugal $ense contest  
Quizzes  
Form Letters


- advertisement -
 
- advertisement -

About Bankrate | Privacy Policy/Your California Privacy Rights | Online Media Kit | Partnerships | Investor Relations | Press Room | Contact Us | Sitemap
NYSE: RATE | RSS Feeds |

* Mortgage rate may include points. See rate tables for details. Click here.
* To see the definition of overnight averages click here.

Bankrate.com ®, Copyright © 2014 Bankrate, Inc., All Rights Reserved, Terms of Use.