By Jo Best, 26 February 2004 17:25
NEWS There's no doubt identity theft is a growing problem. The problem is, the place it could well be growing most is in consumers' minds. According to new research, consumers are more aware than ever that identity theft is a threat but they feel more vulnerable to it than they did a year ago.
The research, conducted by Opinion Research on behalf of RSA Security, found that 63 per cent of consumers were more aware of identity theft issues now compared to last year, but only 18 per cent of consumers felt themselves to be any safer as a result and 26 per cent thought they were actually less safe.
But when it comes to protecting consumers from identity theft it's all me, me, me of those who did feel safer in 2004, around half did so because they'd implemented measures themselves while less than a third thought they were more protected because of new developments in technology or business processes in banks.
Consumers' fear of ID theft doesn't just harm confidence, it could actually be hurting online business, the figures suggest. The number of consumers unwilling to share data with online shops has risen from 35 per cent in 2003 to 44 per cent this year.
"Although government, financial services institutions and the security industry have taken great steps over the past year to increase awareness of identity theft and encourage better security practices among consumers, organisations still need to go further if they want to see an increase in consumer confidence toward online business," said John Worrall, VP of worldwide marketing at RSA Security, said in a statement. "Consumers must feel confident and safe when making online transactions - otherwise, businesses will never realise the cost savings and revenue potential of the internet."
The question of where responsibility lies for protecting consumers drew mixed responses, however. Sixty-five per cent of those questioned thought they themselves were in responsible for dodging ID theft and 53 per cent chose banks and just 24 per cent thought it was sellers.
Are consumers right to be worried? Possibly. Identity theft has been determined as the fastest-growing financial crime in the United States by the US Department of Justice and the cost of identity theft in Britain is now topping £1bn a year, according to government figures.
Password and PIN management isn't helping the problem either, with the RSA survey showing that most users have fewer then five passwords for all their access to electronic information and 15 per cent use one for everything.
Having loads of passwords isn't a lot of help if you write them all down though. A username and password survey conducted by Rainbow Technologies last year of 2,500 IT administrators, management and security professionals showed 50.5 per cent of users writing down their passwords - with 5.5 per cent writing down every one they have and giving the identity thieves an even easier ride.
It's not all doom and gloom, however. The increase in awareness is good news in the fight against identity theft. Take phishing scams, for example more and more banks are putting out advisories warning customers not to be taken in by the scam emails and the more consumers are aware, the less chance there is they'll be taken in by the criminals.
"Awareness of identity theft is certainly the first step, but businesses clearly have a long way to go if they want consumers to feel protected," Worrall said.
Comments
There are 6 comments. Join the discussion
1. anonymous
Recently a colleague of mine has been a victim of identity theft. I get the impression from conversations that I have had with this person that the banks and building societies are lax in both their security protocols when dealing with customer enquiries and also checking that their staff are putting the protocols into practise.
It would appear that financial institutions are willing to hand over money from your account with the barest minimum of security checks. Also the fraudulent usage of cheques seem to be of little interest to banks unless the amounts involved are of a substantial nature.
What checks are being made with regard to data protection protocols when banks shift their call centres to other countries?
2. Nigel Perry
The claims of vendors to provide security are not credible. I doubt that any security system is proof against human fallibility and criminality. It would help a lot though if we could avoid having to remember several different and frequently-updated passwords. That method just locks me out of my own house.
3. David Fletcher
I have been managing my bank accounts and a nominee account for trading shares via the internet, and using on line shopping facilities for books, computer parts, camera film and memory cards, DIY tools, etc., for longer than most people I think, and so far I have had no problems at all with identity theft.
Of course I have numerous passwords. I generate passwords by closing my eyes and tapping as randomly as I can on the keyboard. I store my passwords on the computer, because that is where I use them, but they are all encrypted using kgpg for Linux which I find more convenient to use than PGP for Windows.
But just as importantly, I purchased a cross cut document shredder. I used to take all my old banks statements and utility bills out to the back garden and burn them, but now that I can shred them there is no need, and they go for paper recycling along with the newspapers and magazines.
I know that there have occasionally been problems with personal information being revealed by website programming errors, but people can mostly protect themselves through common sense, i.e. not letting their credit cards out of their sight, using free software tools to encrypt passwords, and buying a decent shredder.
4. anonymous
I don't know about it being 'in my mind', but I am concerned that so many sites ask unnecessarily for one's date of birth. People running prize draws, for example. If they want age for marketing purposes, they should ask for age group only.
5. anonymous
Recently my son was rung by his Bank to ask whether he had made a transaction of £2,000 to a credit card company from his Switch card. He had not-but it took him a month to get his money back from the Bank after they had 'checked it out with the police' and he had to pay interest meantime on the £2000 overdraft they gave him while enquiries were made. It seems someone may have made an application in his name, obtained his bank details somehow and used the account. Fortunately the Bank were on the ball in checking an unusual transaction. The downside was having to wait for a new card to arrive.
6. anonymous
It is amazing how easy Identity theft is. When my father died two years ago we placed a obituary in the local paper and then put his house up for sale. Some where between the post office the estate agent and the information in the newspapar. His Identity was stolen and some 6 credit cards two bank accounts and a business account were opened in his name. Needless to say the banks accepted responsiblity as he was not alive however it was quite distressing fir the relatives. I am therfore a whole hearted support of the introduction of identity cards with proper security as they are the best way to protect honest people.