Identity Theft Technologies
Answer by Kristine Regele, CAMS, Sr. Compliance Analyst - ChoicePoint
Question: If identity theft is apparently on the decline, then why does the "buzz" continue?
Answer: Although some measures indicate the rates of identity theft are declining, there is no question that identity theft remains a significant problem in the United States.
For the seventh straight year, identity theft topped the FTC's list of consumer complaints1. Identity theft reportedly costs American businesses and consumers $50 billion a year, impacting nearly 10 million U.S. victims annually2. In fact, approximately 23,000 people become victims of identity theft every day!3
Financial institutions bear much of the costs that result from identity theft, and every day they face the challenge of managing identity risk in order to control overall fraud losses. Investing in technologies and systems to manage identity risk across an enterprise can provide significant returns by reducing fraud loss.
Identity risk management can also support your bottom line by helping prevent non-compliance. In 2007, the FTC and the federal financial institution regulatory agencies released final rules regarding identity theft and the "red flags" that can help indicate the existence of identity theft. Beginning in 2008, financial institutions and creditors are required to adopt a written identity theft prevention program.4
Another reason to manage identity risk is the potential for reputational damage through negative press. During the last week of February, a report was issued "compar[ing] institutions on their performance in avoiding identity theft."5 The premise is this: when consumers they see how well (or how poorly) certain financial institutions are doing, they can "vote with their feet' and choose safer institutions."6 Certainly, no bank would want to be known for a high incidence of identity theft!
In each of these examples, technology can be used to help manage identity risk. A bank might use technology to verify that a person exists. For example, the bank may scan the identification information provided by the customer against public records. A bank might also use technology to verify that the identification documents are not forged. Further, personnel might validate that the person opening an account is in fact the owner of the identification documents (as opposed to someone opening an account using information from a stolen wallet, for instance). Technology might also be deployed to authenticate persons as they try to access their accounts after account opening. A familiar case is one in which call center employees ask "knowledge-based" questions prior to initiating a transaction. The concept behind knowledge-based quizzes is that only the true owner of the identity is likely to know the correct answer. They can include questions like, "In what year was your Social Security number issued?" or "Which of the following cars have you owned?"
As stated above, an investment in technologies and systems to manage identity risk across an enterprise can provide significant returns by reducing fraud loss. The best way to determine the technologies or strategies that will work best for you is to begin by conducting a risk analysis (or carefully reviewing your existing risk analysis). When you design a risk management program, your mitigation efforts should align with the risks and vulnerabilities identified in the risk analysis. The degree to which you deploy technology should be reasonable, given the nature and complexity of the risks. Once you understand the efforts necessary to manage your risk, you are in a good position to select technology that can assist you with those efforts and provide significant return on your investment.
Get a FREE USA PATRIOT Act white paper, which addresses regulatory compliance, identity verification, identity theft and more.
Bridger Insight™ XG is a sophisticated, easy to use identity risk management solution tool kit (including USA PATRIOT Act and OFAC compliance components). Designed for cost-effective, efficient customer screening and reporting, this product is trusted by the majority of the top 25 U.S. banks and over 4,000 clients. Bridger Insight XG facilitates streamlined identity verification, identity fraud and theft mitigation, due diligence investigations and extensive watch list screening.
ChoicePoint (NYSE: CPS) provides businesses, government agencies and non-profit organizations with technology, software, information and marketing services to help manage economic and physical risks as well as identify business opportunities. Consumers have free access to the reports we create at www.ChoiceTrust.com. Learn what we do to protect consumer privacy by visiting www.PrivacyatChoicePoint.com and, for more information on our company, go to www.ChoicePoint.com.
This document is not intended to constitute legal advice and should not be relied upon as such. The opinions herein are the opinions of the author and do not necessarily represent the opinions of ChoicePoint or any other entity referenced herein.
1 Federal Trade Commission, Consumer Fraud and identity Theft Complaint Data, Feb 2008, (Mar 06, 2008).
2 Federal Bureau of Investigation, Protecting Your Identity: New Partnership Targets Data Theft, Jun 28, 2006, (July 3, 2007)
3 KETV Omaha, News Report, Feb 13, 2008, (Mar 7, 2008).
5 Hoofnagle, Chris, Measuring Identity Theft at Top Banks, Berkeley Center for Law and Technology, University of California, 2008: Paper 44, Feb 26, 2008, (Mar 4, 2008).
First published on BankersOnline.com 4/28/08