.

Wednesday, February 20, 2019

Survey of Research Literature – Identity Theft

Research Analysis evaluate of Research Lit periodture in Information Technology Management bag Abstract indistinguishability operator element thievery is peerless of the fast growing crimes in the unify States. thither ar umteen definitions of individualism operator operator element element operator larceny, however this showcase of crime exemplaryly involves illeg every last(predicate)(a)y utilizing well-nighbody elses individualized development for two individual(prenominal) and or monetary gain. Thieves acquire individualised entropy with different methods ranging from stealing physical scrolls each(prenominal)(a) the personal manner to hacking into corpo positionual selective selective nurturebases.The field of Information Technology is one of the fastest growing field in the world. Daily innovations and discoveries ar flooding our lives. The continual strive for drive on and efficiency make the world move faster into the new era of digital information.In adjunct to advances in computing, many other fields atomic crook 18 forced to innovate and comply with the demands of the new 21st century consumer. unless with both the convenience and access to this digital education the world represents those who employ the engine room to destroy cultivation and control others for their own benefit. The both and ab protrude evident industries that face often(prenominal) challenges argon the health attention and the pecuniary industry. Both consists of one million millions of dollars in r shut awayue each year and pose a lucrative target for the digital underground.The finance industry is a more interesting topic when it comes to indistinguishability thieving since it involves the pecuniary trunk for line of merchandisees, monetary institutions and consumers. By looking at this industry get uply we idler hang how these affects influence each other and what piece of tail be done to cheer the consume r and the business sector. This paper go away be separated into consumer and business eccentric and and so further divided into sub pcts where the focus would be on specific sections on what is closely related to or drive out firmness in identity stealing.Once such(prenominal) threats and certification measure issues are de destinationine and thoroughly described, the paper forget as well cover some of the alive solutions that are unequally being run throughed by, businesses, monetary institutions and point consumers themselves. tone at all sides of the job, identity larceny touches upon a variety of issues such as pawns that are substance ab apply to rate ones credentials, training that is stored on estimators of thousands or retailers, monetary institutions as healthful as taking into account the engine room that makes authentication and monetary transactions vi open.The spectrum of this is so whacking that barely a small part of it toosh ie be shadowervas and covered in this paper. What is identity Theft? According to legion(predicate) sources, identity theft is a way to take somebody elses identity and expend it for each financial or gains of being account commensurate for certain actions or consequences. The term identity theft has actually came from the word impersonation or copy which describes a process of making an exact copy of something or in this case assuming an identity of some other(prenominal) person.In this paper in that location is and one side to the identity theft and it is the financial loss or gain that elapses during the process. Looking at the identity theft from some(prenominal) likely and analyzing how it affects the consumer, business, or financial institution is what this analysis is attempting to report. Each year, millions of consumers are victimised by identity theftthe practice of using the identity of another(prenominal) to obtain attri yete. After the identity thief deallessnesss, l endingers and opinion bureaus attribute the default to the perplexd consumer. Sovern 2004) According to Sovern 2004, the default that occurs surrounded by the lender and the pretend consumer, in the end falls upon the innocent consumer whose teaching has been stolen in one way or another and mis subprogramd for financial gain. Typically in that location are numerous parts to what forces in identity theft. First of all identity thieves typically obtain personal instruction that is apply to list an several(prenominal), as well as credentials that can be utilize to authenticate themselves.Then, they would expend the credentials to impersonate other individuals and proceed to gain access to financial documents and finally actual monetary assets. Identity theftthe appropriation of psyche elses identity to commit charade or theft (Milne 2003)is a serious consumer problem (Sovern 2004). Identity theft is a commission of fraud that not barely poses a seriou s threat to consumers but is a very serious crime that has unlimited consequences for everyone involved in the process.Although it is a serious crime and a wide spread problem thither are many different slipway that thieves can surface this showcase of method. The initial process of acquiring personal information that is needed to impersonate another individual can consist anywhere from aiming the information in public records at the library, all the way to stealing financial documents like credit cards, checks, and digital information by hacking computer meshworks. The spectrum of this problem is endless and continues to grow on the daily tail end, while financial information becomes ore widespread with the innovation of engineering. Before looking at the specific areas of theft and their origins, identifying the meaning rear end identity as being part of identity theft would be beneficial to the true understanding behind impersonating someone else. Identity is a doer of d enoting an entity in a particular namespace and is the basis of protective covering and privacy - needless if the context is digital appointment or non-digital denomination ( Katzan 2010 ). contrary theft, identity is much harder to describe specially when looking at how it can be stolen and utilise for personal and financial gain. Katzan 2010 illustrates how an identity can overly be referred to as a subject, which invite several identities and belong to more than just one namespace. Identity is part of the oversight dust which can establish a process to another corpse and wherefore result in a trust that is facilitated by a third troupe and acknowledges the basis for the digital identity in the computer- base information systems.Another side is the information thats entrustd by a third party that claims the identity of a person but can be biased based on how that information came about, and wherefore might require additional information to provide clear evidence and confirmation. Identity is primarily used to establish a relationship between an attribute or set of attributes and a person, object, event, concept, or theory. The relationship can be direct, based on physical evidence, and in other cases, the relationship is indirect and based on a cite to other entities ( Katzan 2010).Thieves acquire such attributes of the identity through resource such as guest renovation re impartatives, Trojan horse computer programs, dumpster diving, unified infobases, and physically stealing computers. To retain such occurrences the author suggests implementing reponsibilized and individualized forms of try management where individuals are encouraged to incorporate informational security practices into their daily lives and fretfulness for their virtual self in the digital world. Phishing beleaguers Moving forward beyond what both identity and theft sincerely mean, identifying he to the lavishly gearest degree customary ways of gaining access to individual identity data is the set-back grade to delaying consumers from being the victims of such thefts. The first closely popular blast to gathering the necessary information to impersonate an individual is a Phishing Attack. A Phishing Attack is a way to deceive a consumer into revealing personal information to the attacker through digital communication. Phishing has been a major problem for information systems managers and users for several years now. In 2008, it was estimated that phishing resulted in close to $50 billion in damages to U. S. onsumers and businesses (W regenerate, Marett, 2010). This obfuscation method of both email and net sites is how thieves are able to convince users into fulfilling requests for personal information. Once that information is obtained it can be used to stage theft of either company or personal intellectual property. In the most common phishing scam, the phisher sends an e-mail clothed to look like it is from a financial institu tion or e-commerce site. To wait credible and to attract the recipients attention, the e-mail uses the companys logos and trademarks and employs scare tactical maneuver such as threats of account closure (Lynch 2005)This method of obtaining identity information carries a relatively low jeopardize in both legality and price. The phisher who is carrying out the crime usually resides in an multinational location to avoid politics activity which makes the apprehension and prosecuting of the fraud that is committed to be far more difficult. maven of the studies that utilized analytical barbel to find the groundsing behind the achiever of such a technique concluded that in that respect are quaternion phases in informationing behavioral factors, which influence the replies coming from the consumer in regard to answering emails that request them to provide sensitive information.The study covered 299 subjects and analyzed the percentage of those who responded to different meth ods within the study of phishing. The final factor to the study is the awareness level that the communicator posses in regard to the security threats that are before long present in the digital world. bail awareness training is authoritative in teaching Web users how to appropriately utilize both network and system resources. Complete review of security policies and their congruency with current threats is crucial in identifying noncompliance of both users and systems.Once systems are up betrothald and users are aware of the different tactics that can be used against them and the different ways they can comfort themselves from becoming victims the world can move closer to eliminating phishing as an urgent threat. Drivers License Moving past the phishing technique on the consumer side, taking an in-depth look at how identification has become an essential part of identity theft and what are the different tools that we use as consumers to present that trust between our identity and the business entity from which we want to acquire services.The first and probably the most widespread tool of identification in United States of America is a drivers license. A drivers license is an identification document that corresponds to a Department of Motor Vehicles database record, thusly is considered to be a original identification document. It is very valuable and the most circulated picture credential that gives one the ability to operate a fomite as well. single of the reasons behind counterfeiting drivers licenses is due to the great spectrum of different fictitious characters of licenses that exist in the USA.These counterfeits vary from simple laminates that are created on matrix printers, all the way to sophisticated and authentic, 45 degree hologram based laminates utilizing the equal materials and even printing equipment that is used by the DMV. The typical execrable would use fungible credentials as an instrument to filch because it offers reduced risk, minimal effort, and increased effectiveness. Financial frauds, money laundering, and identity theft are three common exploits that typically rely on fungible credentials.Fungible credentials are useful precisely because they simultaneously obscure the criminals authorized identity and facilitate any authentication that whitethorn be required. (Berghel 2006) This slip of credentials is a way to shield the thiefs real identity while relieve utilizing the facial identification with different credentials. Typically financial transactions are the most common way to utilize fungible credentials to gain access to the victims assets. Since the process involves getting several versions of identification based on the verification process, in the end the original counterfeit documents are disposable.This means that the final identifiers that are obtained, such as the drivers license are legitimate due to its issuance from the government way of life. This type of a scheme makes the sensin g of the final credentials impossible to detect since it was acquired from a legitimate source. The only way to really prevent this from happening is by having all government agencies and law enforcement to authenticate all documents no matter where they came from. yet currently due to the extreme overhead for such process, this is currently not possible to achieve. A threat analysis of RFID PassportsThe second and most widespread tool in the world is the passport. A passport is a document that is issued by a national government for the sole purpose of traveling between countries and having the ability to identify the nationality of the traveler as well as the identity of the holder. Since 2007 all passports that have been issued in USA, contain an imbedded RFID snick, which is valid for a quantify period of ten years. The reason behind such change in passport policy is to provide a gum elasticr way to store decisive identification data on the chip as well as encrypt such data an d keep it safe.However in the last a couple of(prenominal) years there have been approaches that defy the design and the security of the chip and permit the identification information to be stolen. this individual used a small antenna connected to a computer in his haversack to eavesdrop on the radio communication between the security cistrons reader, which has the capacity to decrypt the highly sensitive and secured data on the passport, and the RFID-enabled passport itself(RAMOS, A. , SCOTT, W. , SCOTT, W. , LLOYD, D. , OLEARY, K. , WALDO, J. 2009)The process that is described above creates a way to find and obtain the information that is contained on the RFID chip, however in assemble to do so the proximity of the listening device and the timing of the transition are critical to its success. In addition to acquiring the data, the ability to decrypt the information before it can be utilized is a process in itself. Six pieces of information can be stolen from the RFID chip on a U. S. passport your name, nationality, gender, date of birth, push through of birth, and a digitized photograph. Numerous problems of identity theft could a erect from someone taking that information, but this article focuses on the financial risk. (RAMOS, A. , SCOTT, W. , SCOTT, W. , LLOYD, D. , OLEARY, K. , & WALDO, J. 2009) The information that is acquired during the intercept process is sufficient enough to create a duplicate passport and utilize it for financial gain. However due to the impediment of this attack, be of the equipment involved and the limited financial return as oppose to the high cost of blank passports, this type of scenario is not very likely.As a solution to this possible downside of RFID chips, integrating canonical access-control and encryption using the inexplicable severalize that is integrated right into the passport help mitigate the risk of data interception. Another approach would be to control the RF signals that occur between the reader and the passport during the verification process. This would help minimize the chances for eavesdropping on the RF signals and interception of all identity information. Identity CardsIn order to go beyond the complications of the passport and the specialization of the drivers license there is another way to identify a person and verify their credentials. This tool is called an Identity Card and is utilized on the government basis in several different countries. The idea behind the identity card is very resembling to what a drivers license does, however it only focuses on proving that the person who presents the card matches the credentials that the identity cards holds, without granting driving privileges as does the drivers license.This new concept of identity card consists of two components, one is the database identity and the other is symbol identity. selective informationbase identity is the gathering of all information about a certain individual and recorded into databases, whi ch is then accessible by the government. Token identity on the other submit only comprises of very specific information about the individual. This information consists of name, gender, date and place of birth, date of death, signature, photograph and biometrics.In addition biometrics consists of a face scan, two iris scans and ten fingerprints. In the context of identity theft, token identity is considered to be more than just information about an individual. Unlike the individual pieces of information that comprise it, token identity has the essential characteristics of intangible property. Its misuse by another person not only infringes the individuals personal right to identity, it infringes the individuals proprietary rights in his/her registered identity, particularly in token identity. Sullivan 2009) Utilization of token identity for transactional purposes constitutes an individuals identity which is all the information that the token holds. This is the information that is mo st useful for an identity thief since it is all that is required to enable a transaction. Not all of the information in the token is used for every transaction and therefore depends on the nature of the transaction, therefore the required information is automatically chosen from the token to match the transactional requirements. The phrase identity theft is a misnomer, as identity theft does not actually deprive a person of their identity. The offence of theft or larceny traditionally involves an appropriation of the personal property of another with the intention to deprive him or her of that property permanently. wrongfully accessing and using a persons personal information or forging proof of identity documents, without taking any physical document or thing, would not deprive the person of the ability to use that information. (Sullivan 2009)Although wrongfully accessing or forging of the documents does not deprive the person of access to such information, it does however fundame ntally damage the integrity of the individual token identity by denying exclusive use of the identity. Personally Identifiable Information Utilizing tools that identify oneself are needed to acquire, obtain and steal financial information, however in addition to that and the rapid innovation of the digital world, all the information that identifies us is freely available on the net profit.In the last several years the internet progressed so rapidly that it is being used for social interaction, product purchases and financial transactions. In addition to that many companies are doggingly collect personal information utilizing social networks, service providers, and retail sites. These companies claim that under the customer license agreements information provided impart be safe guarded and released in a non identifiable form. This means that the information will be de-identified by changing the fixed set of attributes that it currently resides in.Once it is de-identified it will b ecome safe enough to release to the public and will prevent others from using it for marketing or advertising purposes. The emergence of powerful re-identification algorithms demonstrates not just a flaw in a specific anonymization technique(s), but the fundamental insufficiency of the entire privacy shelterion paradigm based on de-identifying the data. De-identification provides only a weak form of privacy. (Narayanan, A. , & Shmatikov, V. 2010)This type of technique is only part of the solution when it comes to privacy protection. The ability to develop effective technologies to protect mystic information is being developed on continuous basis and there is still no definite answer as to what the best approach really is. Utilizing the de-identifying approach is a step in the right thrill but it only patches the problem instead of solving it. Currently there are limitation to the way privacy is preserved and protected, therefore a better method of protection call for to be bui ld and implemented.Security through Technology Now that we covered the outstanding issues with the identity tools and even ways of how to protect the personal identifiable information, next step is to identify applied science flaws that jeopardize the security of the process. The engineering plays a crucial role in how secure the data is both inside and outside the primary location. When it comes to computer systems and security, the weakest components are the end users, especially when they are accessing corporate information from their home base location.With progression of wireless based network technology, the adaptation rate has been massive and is justified by the convenience that wireless technology provides for both basic and business consumer. Numerous applications have been developed to utilize the convenience of workings from home for employee and to have them access databases of their organization using just the lucre browser. This scenario also works for those who are continuously traveling and therefore use wireless services at the hotels or other lodge places.Many of such systems only rely on passwords to authenticate users and pose a real threat when it comes to accessing corporate information. In such a case a hacker can intercept such credential information and utilize it to access the corporate databases and therefore conduct an intrusion which will go undetected since it relies on real user account information. Hackers do not require specific hacking tools, as operating systems can find nigh routers and connect to them almost automatically.Hackers can then perform illegal trading operations such as hacking other computers, spreading viruses, organizing terrorist activities, and so on. (Loo 2008) As the technology progresses and innovation takes place it would still be close to impossible to mould all security problems no matter what technology is in place. Security depends on several different factors including coordination between employers, end user and manufactures of the technology that is being used.It is up to the employees to be aware of security risks and protect the technology they are using no matter where they are. Investing time into discipline about countermeasures is a worthy investment which can eventually prevent unrecoverable events such as an intrusion. Employers and providers of technology should focus on the usability and chasteness of the technology as well as establishing the necessary guidelines for usability and finding the right tools to address it. Protect Government InformationIdentity theft has an terrible impact on both time and finance of a consumer who becomes the target of it however its not only consumers that checker the consequences of such thefts. Businesses are being force by this occurrence as well. Organizations need to protect their assets from cyber crime, web attacks, data b endeavores and fraud. Criminals utilize such attacks to harvest data through these means for financial, political and personal gain. Such actions are becoming firm motivators for adaptation of information system security approach to protect assets of companies.The ISS approach utilizes an accreditation process that mandates that all government agencies are complying with such standard. A unified security approach would have been ideal in the case of government agencies however even with proper accreditation and mandated requirements, more than half the agencies demonstrated resistance by their management to implement such rules. One of the reasons for such resistance was the norms and culture with the organizations which could not be unified by one system covering all the agencies.Secondly the management of the government branches that lacked the accreditation pointed out that it was due to the lack of resources that was being committed by Treasury to pay for the needed changes that were part of the compliance process. The key lesson learned from this study was that a l arge-scale IS/IT plan conducted across nonuple government agencies and sites of varying sizes requires that the carrying out be staggered and suited to agency size, frankincense breaking down the complexity of the tasks enabling resources (people and budgets) to be put in place and allocated to future project phases. Smith, S. , Winchester, D. , Bunker, D. , & Jamieson, R. 2010) The authors point out that the failure of carrying into action was for the most part due to the long term financial backing of the project and that adequate resources and senior management commitment is crucial to the success of ISS. Data Breaches and Identity Theft Data security is an ongoing process and affects both consumers and businesses, however retailers and financial institutions are responsible for storing and processing consumer financial data, and they are solely responsible for the security of it.One of the leading causes of identity theft is data breaches which are a process of loosing data due to a security or network flaw. This is why a proportionate combination of security vs. tot up of data collected needs to be found. If there is too much data and not enough security than the potential cost of a data breach is very high. Dollar estimates of the cost of identity theft do not by themselves indicate that too much identity theft is occurring.However, press accounts of data breaches suggest that personal identifying data (PID) is being stolen too frequently, and that the data thefts are unduly facilitating several(a) kinds of identity theft. 2 (Roberds, W. , & Schreft, S. 2008) Establishing policies that can picture that the eternal sleep between data accrual and security is properly maintained will be crucial in preventing data breaches. Data network can help prevent theft by securing its databases better as well as increasing the amount of PID compiled in order to identify possible fraudulent attempts on the network.The downside of over collecting is the spillo ver effect where the data can be stolen and used on another network, therefore breaching the other network. the approach here includes for limpid calculation of the efficient levels of data accumulation and data security, and for straightforward paygrade of policies meant to attain efficiency. More generally, it offers an illustration of how any such calculation should balance the costs associated with data misuse against the self-coloured gains afforded by the relaxation of anonymity. (Roberds, W. , & Schreft, S. 2008)There are specific variables that need to be adjusted in order to achieve the highest possible degree of security and consider the costs that are associated with implementing this specific formula. Formal Identity Theft Prevention Programs As was already discussed previously, identity theft is a serious problem, and can take a very long time to even notice that it is taking place in our lives. Due to the amount of damage that is caused to the consumers life and fi nancial situation, the government has taken stairs to combat identity theft at federal, state and local levels therefore attempting to assist victims of this crime.There are several steps that have been taken in legislation, however there are still no laws in place that can regulate the general use of personally identifiable information in regard to government branches and both public and orphic sector. The key piece of information that is considered to be most valuable to the identity thieves is the Social Security image (SSN), therefore one of the prevention initiatives is in regard to displaying and using Social Security metrical composition in easily accessible laces. Other initiatives include securing the availability of personal information though information resellers, security weaknesses in the federal agency information systems, and breaches in data security. .. federal systems and sensitive information are at increased risk of unauthorized access and disclosure, modifi cation, or destruction, as well as inadvertent or deliberate disruption of system operations and services. ( Bertoni, D. 2009).According to the GAO study it has been reported that federal agencies still experience a large number of security related incidents and that provides access to large amounts of personally identifiable information that reside in the federal records that could be utilized for identity theft purposes. defend personally identifiable information that is stored in the federal system is critical since its loss and unauthorized disclosure could result in devastating consequences for the individuals.The consequences could range from fraud, theft, embarrassment and even inconvenience in the cases of identity and financial related transactions. Results of identity theft have direct impact on the credit records of individuals and can also carry substantial costs related to this activity in addition denial of loans and even convictions for crimes that an individual did not commit is a possible outcome of identity theft on the federal level. SolutionsIdentifying all the sub categories of identity theft is outside the scope of this paper, however with a general understanding of how it affects consumers and business, as well as the severity of the issue the next step is to see what can really be done to minimize the damage. One approach to combating identity theft is the implementation of wise(p) cards into the financial system. These cards are designed to incorporate embedded computer chips that rely on encryption algorithms to safe guard the information and aid in assurance of transactions and identity verifications.If the technology is properly implemented it can really aid consumers, merchants, banks and others in securing transaction and combating identity theft. In addition it will help lower the costs of fraud prevention and provide benefits in the form of creating a more efficient payment system. Such technology has already seen implementat ion internationally and have proven to be a much more secure and efficient method of payments. Payment promising cards hold the promise to improve the security of payment pronouncement and help reduce the costs of identity theft and payments fraud.Smart cards allow a range of security options and some issuers have implemented the strongest upgrades, while others have not. (Sullivan 2008) The reduced infra coordinate costs are yet another benefit that financial institutions can use in favor of implementing the system in United States. However there are some profound challenges piteous forward with this system in regard to adaptation of smart cards by issuers, as well as having the whole industry agree on specific security protocols that will be used in the new smart cards.Identifying the true cost and both ironware and software limitation of the new product is also crucial in preventing adoption limitations. There is also the problem of having criminals shift efforts towards are as of weakness in the security of payments, however due to the lack of competitive advantage in the security standard there is a lack of willingness from the providers side in investing time and money. The complex network structure that is required to support the new standards is also a roadblock for implementation and development.Smart cards have the potential to become the new payment leave standard but at this time they are facing a number of adaptation and development challenges that are discouraging financial institutions from moving towards them. Enforcement of physical identification cards to improve security is practicable way however a bigger issue of security and lack of it still takes places in many businesses. In the case of ID cards the outcome of implementing such a system would result in large databases of information that will utilize the technology for identification purposes.The problem here is what goes on behind the closed doors of the organization that houses such large amount of personal data. government agency of it has to do with proper disposal of sensitive documents which most consumers dont shred and even businesses that dont properly take care of them. Once the information is housed in a database and is protected by firewalls and encryption routines, there is no clear process of how to prevent it from leaving the organization through unauthorized parties, computer theft, loss of physical media or records. there is a significant need to widely implement measures for tracking and canvass identity thieves and fraudsters once a breach has occurred. There are various means of doing so, whether electronic or physical (Gregory, A. 2008). These undercover tracking and follow agents can log all the activity that is taking place by phone or email and then can be used for verification purposes and zero out any anomalies or breach attacks. This type of tracking can help companies stay on top of the activities that are taking place and even intervene in the process in order to minimize the outcome of the breach or fraudulent transactions.It will also help prevent the amount of complains, loss of reputation and damage to the company and its brand. The database of personal data can become quite large and is continuously exposed to security threats and data corruption, thats why companies apply consultants to investigate risk and delineations of the database information. Consultants check for compliance with Data Protection make believe as well as other required transactional practices. In some cases the database can be subjected to quality assessment and data hygiene as to keep the information up to date and as accurate as possible.The results of the analysis can then be used to create an actionable strategy to manage the databases and maintain integrity and efficiency for both short and long term. An increasing amount of identity theft incidents have also provoked major changes in the financial industry, especially with banking applications and the way that they protect data and ensure legitimate transactions. To insure such security and integrity, financial institutions have integrated biometric technologies such as fingerprint and facial comprehension that are mandatory for customers and ensure higher level of security. Biometric methods are based on physiological or behavioral characteristics. Since they take advantage of mostly unchangeable characteristics, they are more reliable than traditional methods of authorization (Koltzsch, G. 2006) The physical exertion of such technology that can be so closely startle to a physical attribute of a person is very promising, especially in the financial sector and has been looked at it for the last 10 years. However due to the cost and the complexity on the implementation part as well as inconvenience to the consumer, it has not been as widespread as originally think.Today this technology is mostly used for standalone applications, such as guardi ng vaults, high security areas and employee authentication. Customer oriented solutions are still in untimely development stages and are not fully implemented due to the aid of alienating customers and pushing them away from what they are used to. Another reason for the lack of implementation is the difficulty in standardizing this technology on the international scale. The fear of investing in technology that will not be supported by others is what is slowing the adaptation process down.However due to the rise in identity theft and phishing cases there has been a new grounds towards the development of this technology to prevent loss of information and financial resources. Protecting the payment system depends on the adoption of industry standards for data security and implementation of the new digitally aware way to personally identify an individual. Currently the identification process depends on the Social Security Number as we discussed previously, which is one of the main re asons that identity theft still occurs.To be affective in defend the payment system there needs to be a way to properly monitor the compliance of the system and enforce proper penalties in the case of its absence. Payment system participants can also hold each other accountable for the damage in the incompliance of contractual agreements in place. Due to high litigation costs in the event of identity theft, merchants are now implementing new policies that allow them to exclude transactional information much faster in order to prevent its exposure to theft. Another fairly recent step taken by the private sector is the development of insurance products to cover losses from identity theft. reporting for consumers is available from several sources, at a cost of approximately $ one hundred twenty per year, and appears to provide minimal coverage against lost wages, legal fees for defending against lawsuits brought by creditors or collection agencies, and select out-of-pocket expenses (Schreft, S. 2007). The down fall of this type of coverage is its limitations. Neither type of uch insurances or proposed coverage will really protect against identity theft risk because the financial sector cannot ensure against systematic risk. This results in the loss of confidence in the system all together therefore creating the possibility of users accessing such services less frequently. Imperfections in the ability to protect the consumer against crime, results in having the government oversee the failures and driving it towards protecting the integrity and efficiency of the financial system. Shortcomings of the SystemTo combat identity theft is an enormous task that even the government is struggling to achieve. The reason for this is time, money and uniformity between financial providers and government levels. Several different attempts have been do to provide tools for consumers to identify theft and report it to the institutions. However even though such systems are in place, many consumers complain that even when such theft occurs and notices are placed on accounts, thieves are still able to steal money under fraudulent identities. They are even able to successfully apply for loans when there are errors in the information provided.In addition to that the Credit Bureaus have made it close to impossible for an everyday consumer to reach an actual human customer support representative due to the automatize telephone systems that have been implemented. Another reason why the system just does not work the way it was proposed, is the cost that the credit bureaus are suffer with the escalation of identity theft cases. The actual costs of thefts are not reflected on the bureaus since they only provide credit reports and credit monitoring services which consumers steal in most cases even if they have been a victim of theft.The bureaus have no real incentive in helping consumers prevent identity fraud, which is in this case is a interlocking of interes t for one of the parties involved. This conflict of interests entails in the amount of early revenues that are generates from products such as credit reports and credit monitoring services. The latest offering from the bureaus is an email notification service that notifies the consumers if any changes in the credit records occur and charges a fee for it. One observer has estimated that credit bureaus received $600 million in 2003 from sales of credit reports, credit scores, and credit monitoring services (Hendricks 2003). In such a case the credit bureaus are profiting from the sales of preventive service that prevent the client from the theft that the bureau makes possible. Overestimation of losses is also a shortcoming of the system that is geared toward protecting the consumer in the business of financial transaction and identity information. A claim that identity theft is the fastest growing crime in U. S. is what the consumers are being told on the continuous basis.Lately the p ress coverage of this topic has grown significantly and provided a number of related events that claims an affected population of 4. 6% and losses of more than $60 billion dollars a year. What consumers need to take into account is the $50 uttermost liability that is provided by the financial institutions, as well as the fact the media is taking into account information theft that did not result in financial losses to the institutions. Such overestimation are leading many consumers away from doing business on the internet and providing erroneous information, while forcing them to implement monitoring services that cost them money.As was covered before, smart cards is viable solution to the new identifiable information problem, however its shortcoming is the same problem as it exists with current financial tools. The exchange of personal information between the consumer and merchant can still result in permit an impersonator utilize the information to initiate a payment therefore m aking the smart card inefficient at securing the customer. Conclusion Identity theft is one of the fastest growing crimes in United States, and the real reason behind that is the fact technology innovated at a much greater speed than businesses and consumers have been able to adapt to it.Because of that the tools that we use to identify ourselves are no longer safe and need to be updated. On the consumer side a variety of tools are available to protect oneself from identity theft. However the cost of such tools can be a recede back in their implementation. On the business sides tools such as high level encryption, RFID chips and transition standards are in development stages and are planned to be implemented in the near future. Identity cards and change databases can be the key to solving security epidemic but are not versatile enough and carry overhead cost during the implementation process.There are many viable solutions to protect both the consumer and the business the path rea lly depends on cost and time available to either one. Awareness is the best approach to keeping you data safe and secure.

No comments:

Post a Comment