Some Thoughts to Digest on Identity Theft

Identity theft….Credit Card Protection….Data Breach….Fraud Alert….Credit Freeze.   All phrases no one wants to hear but they remain front and center in our lives.

Let’s face it, we live in a world where crime rises as the economy falls.  As people lose their jobs or become “under-employed”, they may become desperate to meet their financial obligations.  And unfortunately, sometimes people turn to crime.  Crime is not always robbing a bank or breaking into a home or business.  Sometimes it becomes a bit more personal……identity theft.

We are seeing a dramatic rise in identity theft.  According to the Washington Post, there were more than 8.1 million victims in 2010 alone.  By capturing some basic information like social security number, date of birth, and address, thieves can open new credit card accounts, bank accounts, and even make major purchases like cars in YOUR name.  Any of you who have experienced identity theft can attest to the time and expense it takes to repair your name and credit ratings.

Individuals have become more aware of the threat of identity theft.  Many families are shredding their personal information like charge card receipts, bank statements, utility bills, checks, etc. before disposing of them.  While this habit certainly helps, an individual needs to do more.

Businesses have been fighting back, by participating in programs like “PCI Compliance”.  PCI Compliance is a standard set by the credit card industry to ensure secure handling and data retention for credit card transactions.  Compliance includes a checklist of steps like criminal background checks on employees, encrypting the data transmissions of sensitive information, using and maintaining anti-virus software within a data platform, and more.  If a business does not adhere to PCI compliance regulations, and a data breach occurs, the compromised business may be subject to additional fines and/or penalties.

A data breach can be extremely costly to a business. According to Information Week, the cleanup of the latest Sony data breach of their Playstation network will cost the company upwards of $171 million!

Many businesses have begun purchasing insurance programs to provide coverage for credit repairs should a breach occur.  Many of these are limited programs and provide only notification, not assistance in repairing the damage. Those services come as an extra cost on many polices.

A new trend is developing in the market that is little known to the consumers.  Businesses are purchasing identity theft solutions for their data bases, which can be upsold to provide comprehensive coverage to the consumer for a dramatically reduced price.  Because the large corporations have the power of a substantial subscriber base, they are able to negotiate favorable rates for their customers.  These programs are being packaged as another “benefit” to being a customer or member of an organization.   Comcast is the latest example of a business to roll out a program for it’s customers, calling it “Constant Guard from Xfinity”.

Whether you have a business looking to add an identity program to your suite of products or an organization or union looking to add benefits for your members, contact me @Davehanron on Twitter or via email at Dave@davehanron.com for more information on the available programs.

Worried About Identity Theft? Some Thoughts.......

As I’m sure mostly everyone is aware, Sony’s Playstation 3 on-line network and Qriocity streaming video and music service were hacked and were offline from April 20, 2012 to May 14, with all services restored by May 31, 2011.  According to Sony, as many as 77 million subscribers may have subject to privacy invasion, involving sensitive information including credit card numbers, security information, and purchase history.

According to a story published in the International Business Times, Sony has issued apologies for the breach and vowed to pay damages to affected users.

The problem this brings to light is how do today’s businesses protect themselves from these types of data breaches going forward? 

In today’s information age, the likelihood of future identity breaches is a constant threat.  There are identity protection services popping up all over the internet.  If you were to “Bing” identity theft companies, you’d get over 2.4 million results.  Google provides even more stunning results, more than 14 million companies providing the service!

But should the Consumer have to pay for this protection themselves?  Many people do….but is it necessary?  A little known fact is that the government passed an act called the “Red Flag Rules” as part of the Fair and Accurate Credit Transactions Act in 2003.  In summary, this Act requires financial institutions and creditors to provide for the identification, detection, and response to patterns, practices, or specific activities, known as Red flags, which could indicate identity theft.  These programs are required to be in place by November 2009.

According to Chris Heidkamp, VP of Channel Sales at Securus Identity Solutions, “While the Red Flag Compliance regulations don’t legally require any specific type of program be put in place, many corporations have neglected to implement any identity theft program because they felt the cost was prohibitive.  That is simply not the case any longer.”

According to Heidkamp, “programs can start as low as 15¢ per subscriber per month. This protection can provide the consumer the peace of mind they’re looking for in the event of a data breach like those seen at Sony and Epsilon.  Many of us have received the letters regarding the Epsilon breach, coming from merchants like Verizon, Hilton Hotels, Air Miles, Best Buy, Citigroup, and Walgreens.  This heartache can be avoided with the addition of a corporate identity protection program.”

It would seem it would be worth a phone call to your utility company or other monthly creditor to determine whether they have an identity program you can participate in.  Ask for the company’s position and business plan for “Red Flag Compliance” and you may just avoid the cost of a personal identity protection program.

If you would like any additional information on Red Flag Compliance, please contact me directly at @Dave Hanron or Mr. Heidkamp @ChrisHeidkamp on Twitter or Heidkamp@securus-solutions.com