Premium Membership 
Free Membership
Share this!
PrintEducation, New Technology Keys To Combating Internet ID Theft
By Catherine Hubbard, CCH Washington Staff Writer
Educating consumers and collaborating with the private sector, rather than legislating solutions, are the keys to combating Internet identity theft, according to experts speaking at a recent Federal Trade Commission forum in Washington D.C.
"Mandating a technology is not necessarily the proper solution, because we still have to have adoption of these by consumers," said Michael Zamorski, consumer protection division director of the Federal Deposit Insurance Corporation (FDIC).
During 2003, 10 million Americans were ID theft victims, according to Thomas Curry, director of the FDIC board of directors. It usually takes victims of ID theft 1 to 10 hours to resolve the problem (although 30 percent of all cases took longer, and another 6 percent averaged 240 hours to fix), and the total cost to the industry and to consumers exceeds $50 billion, according FTC statistics.
"ID theft is a clearly a serious, growing problem," said Curry, noting that account hijacking--unauthorized access to and misuse of existing checking and savings accounts through hacking and phishing--is the fastest growing type of fraud. Between April 2003 and April 2004, he said, nearly 2 million customers were account hijacking victims with average cost per victim of roughly $740.
Government Efforts To Combat ID Theft
Scott Parsons, deputy assistant Treasury secretary, said the government is hoping to stem the tide of phishing, a type of ID theft that involves websites that appear to come from legitimate financial institutions, but that ask for personal or financial information. Last year, most of these look-alike websites were aimed at large institutions with a lot of brand recognition, but more often they are reaching small- to medium-sized businesses, he said.
Advances in technology and consumer awareness have begun to reduce victimization, said Parsons, noting that some companies have developed toolbars that let the user know whether they going to a legitimate site, rather than a phishing site.
In addition, the government has made "tremendous advances in law enforcement," he said, adding that by the end of 2004, it is starting to apprehend more criminals. "More people will be caught this year," he predicted.
Through collaborative efforts such as Operation Firewall, where more than 26 countries teamed up against ID thieves, Parsons said, "the government hopes get the attention of the hackers and the phishers to let them know that they can't act with impunity."
"ID theft is a problem that we cannot avoid," said Michael Jackson, FDIC technology supervision branch associate director. He suggested that banks and online bankers stop relying on passwords as a sole method of authentication and instead consider upgrading to two-factor password authentication systems similar to the combination of a card and a password used at ATM machines. "Let's fence in the problem and keep it from growing," he said.
"We need to be just as versatile and resourceful as the crooks if we're going to be able to stay ahead of them in this fight against phishing and other forms of ID theft," said Wayne Abernathy, American Bankers Association regulatory affairs executive director.
So far, there hasn't been an erosion of consumer trust in online banking, said Abernathy. Yet both banks and consumers would lose out on the increased productivity online banking has led to if their trust fails, he said. "All of that is lost if the customer is afraid to use that system," he said.
Consumer Education
The Treasury Department recently finished a study on the use of technologies to combat Internet ID theft, said Parsons. "Consumers can take basic steps to lower risk," he said. Yet he said consumers might be slow to adopt technologies that add a new level of complexity to their online transactions.
Lisa Hicks-Thomas, Virginia senior assistant attorney general, said that even though the state passed a law prohibiting the DMV from including Social Security Numbers on driver licenses, many consumers insist on keeping their SSNs on the licenses. This shows that "consumer education to avoid becoming a victim is certainly a key," she said.
A total of 53 million people (44 percent of Internet users and one-fourth of all adults) use online banking, a 47 percent increase since 2002, said Abernathy. The good news is that phishing "is greatly vulnerable to consumer education," he said. "Education (alone) won't solve the problem, but I don't think we can solve the problem without it."
