In the wrong hands, digital footprints can turn into a blueprint for fraud.
Particularly as identity theft proliferates and becomes more sophisticated, data breaches are increasingly turning personal and business information into a goldmine for cybercriminals looking for their next payday.
“We are at about four times the level of data that has been breached this year to date compared to last year,” Intellicheck CEO Bryan Lewis told PYMNTS CEO Karen Webster. “So, it is definitely a problem.”
Every data breach is a step closer to someone else living your life. As cybercriminals ramp up their own attacks and tactics, technology must evolve to stay ahead of new attack vectors and fraud techniques, something typically easier said than done. Data breaches are not just becoming more frequent; they are also compromising vast amounts of sensitive information, including personal identification details that can easily be exploited for identity theft.
“If you go to these sites where you can now go steal somebody’s identity, you can plug in everything right down to a driver’s license number,” explained Lewis, stressing that identity theft is no longer just a concern for financial institutions; it has permeated all aspects of daily life.
A particularly concerning case is the National Public Data breach, where 2.9 billion records were compromised. The breach is especially worrying because the organization specializes in background checks, meaning the stolen data includes not just Social Security numbers, but also employment histories, addresses, alias names and other personal details that can be used to create a complete and convincing identity profile, Lewis said.
The implications of such breaches are far-reaching, in large part because the sheer volume of new data being added to criminal repositories on the dark web only serves to lower the cost of purchasing stolen identities, making identity theft more accessible to criminals.
Read also: Intellicheck CEO: Fraudsters Using AT&T’s Call Log Breach to Build Consumer Profiles
One of the most frightening aspects of modern identity theft is the potential for criminals to create government-issued identities using stolen data. With the right combination of information, a criminal could theoretically pass the typical screening processes and obtain a legitimate ID.
While it may still be challenging to pull off such a feat, Lewis explained that the ease with which criminals can now access detailed personal information makes it increasingly possible.
He underscored that the traditional methods of verifying identity, such as knowledge-based authentication and physical checks using black lights, are becoming less effective in the face of these sophisticated threats. Knowledge-based questions, once seen as a robust security measure, are now vulnerable due to the proliferation of personal data. With criminals having access to detailed information about a person’s life, including previous addresses and even dorm room numbers, it has become easier for them to answer these questions correctly and bypass security measures.
“The stuff that used to be hard to know is now becoming prolific, and everybody has it and knows it,” Lewis said. “My particular bank, they still rely on a black light to check if the ID is real or not. Which, maybe it makes me think I should change my bank because that just does not work.”
In response to the growing threat of identity theft, businesses and financial institutions must adopt more proactive measures to protect their customers’ identities.
The consequences of identity theft can be particularly severe in high-stakes transactions, and for businesses operating in such environments, it is essential to invest in advanced identity verification technologies and ensure their processes are robust enough to detect even the most sophisticated attempts at fraud. Consumers, too, must be vigilant in protecting their identities, choosing to do business with companies that prioritize security and take the necessary precautions to safeguard their personal information.
Lewis emphasized the importance of moving beyond outdated methods and instead focusing on verifying the authenticity of government-issued IDs. This involves not just checking the physical plastic, but also examining the data encoded in the barcodes on IDs, which is much harder to fake.
See also: The $400 Million Problem: Intellicheck CEO Details the Cost of Fake IDs
One promising approach to the evolving threat of identity theft is the development of identity scores, similar to credit scores, which would provide a measure of how trustworthy a person’s identity is based on various inputs.
Lewis noted that this could include data from government-issued IDs, behavioral patterns and other relevant information. By creating a comprehensive profile of an individual’s identity, businesses can better assess the risk of fraud and take appropriate action to protect themselves and their customers.
As the battle against identity theft intensifies, technology will play a role in helping businesses stay ahead of criminals. Machine learning and artificial intelligence are already being used to enhance the accuracy of identity verification processes, ensuring that even the most convincing fake IDs can be detected.
Lewis explained that the digital signatures and subdirectories within the barcodes of IDs are not publicly available, making them difficult for fraudsters to crack. This is where businesses must focus their efforts, he stressed, by ensuring that they are thoroughly checking the authenticity of IDs before relying on them for important transactions.
Additionally, the adoption of mobile driver’s licenses and other forms of digital identification is gaining traction to secure personal identities further. Although the rollout is still in its early stages, these technologies represent a promising future where identity verification is more secure and less susceptible to fraud.
“Building up a fake me is very easy to do, but working with other parties to say, ‘Here is what we trust,’ and putting the puzzle together will enable all of us to trust more,” Lewis said. “That, I think, is what will happen in the future.”