Identity Theft – Why Does It Happen So Often?

Did you know that over 17.6 million U.S. residents fall victim to identity theft each year? That equates to an identity being stolen every 2 seconds in the U.S. alone. Take a moment to consider just how massive this issue really is…

There are many ways that hackers can access our personal information, such as social media, online shopping, use of public wi-fi, and the chronic issue of phishing emails. There is no doubt that criminals are finding consumer identity theft easy, low risk and incredibly lucrative. Identity theft is now a preferred criminal activity that is big business and growing annually.

I am speaking with Steve Medcalf, the President of Global MFA company Mi-Token, about the rapid growth in Identity theft and why we should be more vigilant.

“We all seem to know someone that has had their identity stolen, their credit card used to pay for someone else’s expenditures. And we all need to assume that if we are not adequately prepared, it will eventually happen to us, and our customers.

So why aren’t we being more proactive and vigilantly securing our personal details and assets from this type of criminal activity? I think the average citizen finds this level of intrusion so overwhelming that they don’t know where to begin to protect themselves. We also believe the banks and law enforcement agencies will protect us from this type of fraud and we automatically assume the banks will reimburse us.

We are not winning this war against the criminals perpetrating identity fraud, so it’s critical to learn how to protect ourselves and our organization from identity theft and avoid becoming another statistic. Let’s face it, there are very few repercussions for criminals who steal personal information and even if an incident is reported to Police, it is a very difficult crime for your average law enforcement officer to understand or begin to investigate. Most Police Departments investigate only a very small percentage of cases (reportedly as low as 1 %).

For individuals, identity theft can take a huge toll, irreparably destroying credit scores and limit your ability to take out a loan. However, for an organization whose customers suffer identity and data theft, the repercussions are usually not limited to just compensation claims, which are often in the mid-six figures by the time the criminal activity is detected.

You will most likely also find your business experiencing some or all of the following:
– reputation loss as your irate customers talk online about the issue
– loss of business from deserting customers
– competitors stepping in to take advantage of the situation
– fines or court cases resulting from the thefts
– an increase in insurance premiums and higher excesses / deductibles
– in the worst of cases, businesses closing their doors.

Many consumers are careless with their information, secure in the knowledge that banks will cover their losses. However, it could be argued that companies have even more at risk than just the potential monetary losses. For this reason businesses need to take the lead and protect their private and often sensitive data. Many systems, services and online processes are provided without the implementation of multi-factor authentication, and if it is included, would most likely be an after thought. Internal data and customer information is most often protected with user name and password. Once these are compromised, access can be uncontrolled. It is even worse when a administrator’s password is compromised, as not only can all data be obtained, but an environment can be maliciously damaged.

Multi-factor authentication is a simple yet very effective way to deter hackers. Mi-Token uses multiple authentication ‘factors’ to ensure that identities remain protected. The factor types include, something only they would have (a device, usually a cell or token), something only they would know (knowledge, such as a PIN), and something physical (a device, biometric finger print or facial recognition). A user is only granted access after successfully presenting a combination of these separate factors.

As an MFA vendor I would be absolutely recommending the implementation of our technology and we’re currently seeing a global push by regulatory authorities who are mandating MFA. There are a growing number of regulations such as : GDRP and PCI DSS 3.0 to name only 2, which have been architected to secure and protect private information (not just credit card numbers). This is a positive step towards reducing the theft of private information from both corporate and personal repositories.

If I had to provide a single piece of advice to companies and their customers, it would be – don’t stick your head in the sand, and to use an MFA solution to access your valuable/private information. You will also be surprised as just how quickly and simply you can implement a solution.

To find out more about our multi-factor authentication system visit: https://www.mi-token.com