Summary of ITAC-Sponsored Event on Javelin Strategy & Research 2009 Identity Fraud Survey Report

Representatives from the FTC, Federal Reserve and other agencies gathered in Washington at an ITAC-sponsored event to discuss the latest findings of Javelin Strategy & Research’s 2009 Identity Fraud Survey Report, a comprehensive survey they’ve been conducting for five years now. The upshot of the discussion is what can be learned from the quantitative data – and what financial services professionals are actually experiencing in the field – to form sensible public policy to protect consumers.

The news is not good. Brian McGinley, a former ITAC chairman who now runs his own risk management consulting firm, described identity fraud criminals as terrorists who arrive in the night to do terrible damage and then disappear like smoke. They include street gangs who recruit corporate insiders to steal information, and global syndicates like the Russian Business Network (RBN). They operate indiscriminately with little threat of arrest and prosecution, enabled by technologies readily available on the Internet to steal information, which can then be bought and sold online.

Jim Van Dyke, founder of Javelin, found some good news among the bad. Identity theft grew by 22%, affecting some 9.9 million adults. The good news is it appears financial services companies and consumers are doing a better job detecting fraud so they can act quickly to prevent further damage. Here’s the news release.

Van Dyke attributed the increase to a deteriorating economy – a trend he expects will worsen in 2010 – as well as the growing sophistication of criminals. He stressed the importance of addressing the tough question of who owns an individual’s identity. The zero liability model (where the company assumes any financial loss) has not succeeded in changing consumer behavior. And financial services companies currently operate in a “paternalistic” manner to protect consumers. He suggests a more integrated approach where marketing, IT professionals, customer service work with consumers with a consistent protection message.

It is clear that technology alone cannot address identity fraud – it’s something like walking up a down escalator. But it is clear from today’s event that there must be resolve, across disciplines, to marry any technical solutions, authentication practices and education that’s meaningful to consumers.