Breach Of Trust

Data breaches are a constant threat and put companies in danger of losing their most valuable asset: customer trust.

George V. Hulme, Contributor

April 30, 2004

3 Min Read
InformationWeek logo in a gray background | InformationWeek

Some companies use technology to spot fraudulent activity more quickly and stop the damage. It's an approach that accepts that, no matter how much work companies do to secure their systems, identity and customer-data theft is here to stay. "The problem is like a water balloon: When you squeeze hard in one spot it gets ready to burst somewhere else," says one financial-services executive who asked not to be named. Last year, his company installed a service from startup ID Analytics Inc. that spots fraudulent applications submitted to financial, cell-phone, and utility companies. ID Analytics claims its service spots fraudulent applications--up to 40% more--missed by the anti-fraud systems already in place at those companies.

ID Analytics says that last year it studied more that 200 million credit applications--including 10 million suspected or known fraudulent applications--collected by credit-account issuers, retail banks, and wireless-service firms to spot the similarities among phony applications. It used this database to develop pattern-recognition software to help companies reject or investigate suspect applications. Since utilities, phone companies, and credit-card providers that subscribe to the service feed their data into ID Analytics' system, it's possible to spot potentially fraudulent activity that crosses company borders. For instance, a person planning a fraudulent act may set up a phone number and address on one day and then apply for a car loan. ID Analytics' software can analyze the data from those multiple sources and develop what it calls an ID Score. The company says more than 70 variables on credit applications have proven valuable in spotting suspicious activity. "It's been working very well for us," says the financial-services exec. "It's caught fraudulent activity we otherwise might not have identified right away."

The availability of technology that can better spot fraudulent activity and fight identity theft is good news, but it's little comfort to those whose identities and personal information have already been swiped. Lawmakers hope that tougher laws and prison sentences for hackers and identity thieves and tougher security regulations can slow the spiraling growth of identity theft (see story, "New Laws: Identity Thieves Could Face Stiffer Penalties"). And many companies are working to improve their security and do what they can to lock down customer data. "We're always on the lookout for the next threat," says Bob Justus, senior VP of corporate information security and IS/IT contingency at Union Bank of California.

Guilbert, whose bank account was almost breached, is looking out for the next threat, too. She's in the process of placing a fraud alert on her credit files, and she's eyeing her credit reports for any suspicious activity. She's not certain what the future may hold and if the attempt to scam her ATM card is the end to her situation or the beginning of an identity-theft nightmare. For her upcoming birthday, Guilbert has a new gift request: a paper shredder. Says Guilbert, "What else can I do?"

Illustraton by Brian Stauffer

Continue to the sidebar: New Laws: Identity Thieves Could Face Stiffer Penalties

About the Author

George V. Hulme

Contributor

An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at InformationWeek.com.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights