About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« Anchoring the reputation economy | Main | The 800ln gorilla in the digital identity room »

Another lesson on the real identity risks

By davebirch posted Aug 8 2007 at 9:09 AM
[Dave Birch] Identity theft is a pretty sensitive issue, especially when the identity of children is the issue. So when a hospital laptop containing information on about 11,000 young children is stolen you expect a bit of a fuss. Similarly, when a bank customer adviser was jailed for four years for helping identity thieves steal £2.3 million from accounts, the newspapers were bound to report it. In this latter case, apparently, the BBC's former world affairs correspondent Rageh Omar had a narrow escape when a telephone caller posing as him, and armed with confidential information, tried to access his Barclays account. The caller was thwarted by a suspicious branch manager (not, you might note, by a neural network or strong authentication. When your personal data is stolen and passed to thieves by government employees who are supposed to be working for you, you're bound to be upset. Of course, if you put your own personal information up on MySpace, Bebo and Facebook then you've only got yourself to blame.

Technorati Tags: , , ,

I've just been making some notes about the difference between "newspaper threats" and actual threats to a payment system because of some risk analysis work, and it reminded me that our perspectives on fraud are naturally framed by those kinds of stories, which I just randomly pulled up from the last couple of months. But there are major differences between consumer perception and actual reality. Test your knowledge with this true/false quiz that I found a while back on the DGC Blog. As a taster...

The first question and answer are: the popular belief is…….
(1) Most fraud occurs due to data breaches or Internet usage? T/F
(a) False. Traditional crimes are most common. Data breaches account for 3% of known-cause fraud, Internet 16% (from 12% in ’06).

Let's not get carried away with a focus on identity theft as the crime of the new era. People still rob banks with shotguns (amazingly: I guess they don't realise how much more they could steal simply getting a job at the bank).

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]


TrackBack URL for this entry:

Listed below are links to weblogs that reference Another lesson on the real identity risks:


I agree that most payment fraud still comes from other channels.

But, I would say that phishing and related is the first major and pervasive threat to value that comes from the digital world. It's the one that we invented, it's the one that belongs to us at each phase of the operation.

If we have any responsibility in the game, it should be to clean up our own area first.

In looking at the emergence of threats, and the emergence of responses to those threats, I also saw this disjointedness between the perception and the reality.

To deal with this, I suggest a "validated threat" test. There are many threats, but how many are validated? Which is to say, for each threat, do we have enough information to plausibly include it in our security responses? I propose a three part test:

* clear
* present
* dangerous


"But, I would say that phishing and related is the first major and pervasive threat to value that comes from the digital world. It's the one that we invented, it's the one that belongs to us at each phase of the operation."

Incisive point, well made.

The comments to this entry are closed.