About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« U.K. government research | Main | Charlie Edwards, DEMOS »

Industrial-scale identity theft

By Dave Birch posted Aug 15 2008 at 9:25 AM

[Dave Birch] Well, not really identity theft at all, but stealing credit card details on a massive scale then using them to obtain goods or services fraudulently. These ones got caught.

Federal prosecutors have charged 11 people with stealing more than 41 million credit and debit card numbers, cracking what officials said on Tuesday appeared to be the largest hacking and identity theft ring ever exposed.

[From 11 Charged in Theft of 41 Million Card Numbers - NYTimes.com]

Judging by the ever escalating figures for credit card fraud, however, plenty of others are still getting away with it. Are the figures telling us something very specific about authentication: that online PINs and passwords are not only not a particularly good authentication mechanism but may actually make matters worse? The prosecutors allege that the criminals stole card details and PINs as they were passing (apparently unencrypted) over wireless networks and then used the fake card to details to manufacture cards and then used the PINs with the cards to withdraw cash from ATMs. No PINs, no cash out of the ATM.

As far as anyone can tell, identity theft (as opposed to credit card fraud) is actually going down. The dynamics of this, I suppose, are that in a new environment people are initially very vulnerable to scams of many kinds, but over time they begin to wise up. In fact, they seemed to have wised up fairly quickly...

The number of identity fraud victims has decreased for the fifth year in a row, according to the 2008 Identity Fraud Survey Report conducted by Javelin.

[From Javelin Strategy and Research » Hacking case shows companies’, consumers’ vulnerability]

Both bank and their customers are making steady progress (which is not to say that there's isn't room for considerable improvement). The fraudsters are getting smarter and targeting their attacks, but presumably it's getting steadily more difficult to persuade the average U.K. interweb junkie that you are the widow of former Nigerian strongman Sani Abacha, simply because of increased awareness and not because of any technology solution.

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto


The comments to this entry are closed.