This year, over 4.1 billion records were exposed through data breaches. When it comes to identity and access management, are companies and users doing enough?
That’s the number of people in the US that got their identities stolen in 2018. That's almost as many people as living in Miami. All in all, they lost a staggering $200 million. Identity manipulation and theft can happen to anyone and lead to problems that could damage your credit history, impact your loans, mortgage and tax refund and sometimes even exhaust your savings account. Worse yet, it may even lead to a wrongful arrest. But it’s not just about the money - it can include highly sensitive data such as private pictures as well. And you could be affected too!
What is online identity theft?
The common identity theft definition is to take over another person’s identity without authority to use their sensitive data for fraudulent actions. It may not be a simple case of spam emails - consider the impact if your credit card details are compromised and you run the risk of fraudulent activity under your name? In the US, identity theft happens almost every minute.
A few years ago, it was reported that Abraham Abdallah, a 32 year old waiter stole more than 200 digital identities including ones that belonged to Oprah Winfrey, Steven Spielberg and Warren Buffett to withdraw money and make online purchases. This was made possible by technology that churned out fake credit cards and later, registered new accounts under different addresses. In today’s digital space, there are common and easier ways to get access to sensitive data, highlighting the critical need to build ample security for stronger privacy and data controls.
Phishing is one of the more commonly used methods of identity thefts online. It’s the act of sending emails with links which auto-downloads spy software upon clicking on it, handing over control to a large amount of your sensitive data. The stolen data can be leveraged to make payments, order things online or create new accounts, so you wouldn't even notice it.
Trojans and viruses can also take over your account and block you from accessing it. Fraudsters then try to access other accounts through your account by using the same password. It's not far from likely that your account was hacked last year when over 800+ Million Records were exposed.
Another trick often used by online identity thefts is to create new profiles or accounts under your name, backed by similar email addresses and pictures.
Credit card fraud is the most common one. In the latest report from 2018, the FTC registered around 157,000 cases where people claimed credit card fraud. In 130,000 cases, new accounts had been created, whereas the remaining cases had leveraged existing accounts to siphon money from.
Identity theft followed closely behind, with nearly 122,000 cases reported through everyday activities like online shopping, social media or medical data theft, followed by employment and tax related frauds with 67,000 registered cases.
Number four were phone or utility frauds where thefts stole around 67,000 identities.
Although the number of incidents surrounding online identity theft stagnated since 2015, that’s not the case - the graph only shows three major frauds. The total number has been increasing over the last couple of years, and the only category recording a decline is the number of employment or tax-related fraud.
Even though the number is that high, it seems like identity theft is still not taken seriously. But why?
Identity theft prevention is an underestimated necessity even though it’s crucial because it not only builds mutual trust, it also ensures that fraud is prevented. There are two reasons for that.
First, a large part is attributed to people’s approach - where they’re not careful enough and carry a casual "this happens to others but not to me" thinking. Think about it - have you ever had a second look at a web site before sharing sensitive data? And do you have a different (and strong) password for every account you are using?
Secondly, it's not quite true that nobody cares about it, but today there is no easy and secure way for people to prevent identity theft online when identifying themselves online to other businesses. This leaves companies with the issue at hand, where they’re forced to resort to intrusive, expensive and cumbersome processes for identity verification or ones that simply cannot be scaled to solve this problem. This has enabled fake accounts to proliferate, industrial-scale identity theft and manipulation, and complicated onboarding and access management processes.
So what will the future of online identity theft look like? And what does a digital identity have to do with it?
Identity theft online will be a lot harder in the future. Digital identity platforms such as Passbase try to solve this problem by fully digitizing the way people identify themselves online by creating a biometrically secured, verified and portable digital identity. Digital identities will play an important role in the way we verify ourselves over the internet.
Passbase uses features like liveness detection, ID authenticity checks and facial recognition to provide additional layers of security for digital identities while giving users control over which sensitive data they want to share and with whom.
Interested? Try Passbase now
How can you prevent identity theft online?
Where to check if your identity has been stolen online?
What to do if your identity has been stolen online?
Are you a business owner? Help your customers by avoiding identity theft on your platform! You can try out Passbase for free.