BROOMFIELD — Different studies offer different numbers as to the extent of identity theft in the United States: One study said 7 million people in the United States were affected last year, while a Federal Trade Commission study pegs the number at 10 million, with an annual worldwide cost of $47 billion.
Regardless, when the crime’s victims include the head of the CIA, you know the problem is quite serious.
“In the U.S., it generally takes 13 months to find out your identity’s been stolen,” said Avivah Litan, vice president and research director of the Internet consulting company Gartner/G2.
Litan was moderator of a panel on identity theft this week at the Future of Money summit and, ironically, she admitted that she once had her own debit card number stolen as the result of an online transaction.
She said a Gartner survey found that 7 million Americans had been a victim of identity theft in the past year, an 80 percent increase over the previous year.
To make matters worse, thieves have better than a 1-in-700 chance of being arrested at the federal level.
There are various types of identity theft and fraud, from someone making up a fake identity based on someone else’s real information to someone stealing information and pretending to actually be the victim, sometimes completely taking over a person’s bank or credit card account.
What these crimes have in common, experts say, is that the explosion of the Internet has only made their frequency worse. The online fraud market, Litan said, is 15 times higher than offline fraud.
Online sales, she said, is the fastest growing payment channel and also one of the most vulnerable.
“Fifty-two percent of all fraud cases are identified by the individual” (rather than either the merchants or the person’s bank or credit card company), said Jim Van Dyke, the founder of Javelin Strategy and Research.
In many cases, technology has outpaced security measures, the panelists said. Now, many of the industries involved are playing catch-up.
“The technology is absolutely out there (to prevent fraud) — it’s been out there for years,” said Souheil Badran, director of payment services for VeriSign. “But what is the incentive for merchants to use it?
“Will every merchant adopt it? The answer is, hopefully, yes, but the adoption rate has been very low.”
Badran said his company has approximately 100,000 merchant clients that use VeriSign’s services. “(Some merchants say) it’s too much of an investment for me, considering the amount of business I’m doing online.”
Standardization of the technology and the ability for companies in different industries to use it to share information among themselves is another hindrance, said Litan.
“It’s got to be shared across industries, across consortiums, and that’s what we’re starting to see happen,” Litan said.
In her own case, Litan said she was able to trace the theft of her debit card number to an online bookseller — the only place she ever used the card. She added that she didn’t blame the merchant.
“They probably didn’t even know they’d been hacked,” Litan said.
She urged consumers to use online account management when possible, to be diligent about destroying any paper documents that may contain personal information, and to closely monitor their credit reports.
The rapid pace of technology, the ingenuity of those who would seek to cash in by doing harm to others, and the continued rise in e-commerce all make the problem of identity protection a vexing one. The rise in international identity theft and fraud only amplifies the problem.
“My theory is that the only one that is incented to fight this are consumers,” said Litan. “Banks really don’t have the incentive to fight this.
“It’s not that they’re malicious, they just don’t have any incentive to fight this. They just write it off as a credit loss.”
If there was one consensus among Tuesday’s panelists, it was a warning to consumers to watch your back.
“You know that little box that comes up and says, ‘Trust all content from Microsoft — check yes?’” said Tom Wills, an e-business security strategist and consultant. “Never check that box.”
Tony Kindelspire can be reached at 303-776-2244, Ext. 291, or by e-mail at email@example.com.