|Posted on May 20, 2016 at 12:25 AM|
Analysis: How does it happen in the digital age and how can cyber security prevent it ?
With so much information online, identity theft is becoming an increasing danger in cyber space.
Identity theft means somebody taking somebody else's personal information and using it without authorisation for personal gain.
This personal information could include passport numbers, bank details or even information as mundane and seemingly innocuous as a name or date of birth.
Online, data is regularly harvested by cyber criminals through a range of methods. This includes broad brush approaches such as phishing, which can beguile unsuspecting victims into sharing information.
In February, the ThreatMetrix Digital Identity Network was released which analysed over 15 billion transactions in real time over the previous 12 months. It noted a 40 percent increase in fraudulent transactions and cybercrime activity specifically targeting the financial industry.
Part of this activity involves bots, which are software applications that run automated tasks over the internet perform simple and repetitive tasks much quicker than a human could. They are used to take potential user credentials and then repeatedly test them against different accounts, verifying their validity.
The ultimate value of this information is that it provides access to financial assets online. However, information can also be fed back into new phishing attacks that target a broader range of contacts, with personal information deployed to make a phishing email more convincing.
Many cyber security companies are attempting to address this fundamental problem with identity in the digital era. Since consumers are often more concerned with the convenience of a transaction than they are with its security, an approach needs to be found that balances these two factors.
This means that ways of verifying identity that use new sources of information such as location or biometrics are seeing increasing usage.
For example, if somebody has a bank account code but is unable to submit a correct fingerprint then they might be prevented from completing a certain transaction.
Another example might be using the location capability of a smartphone to check whether an access request is coming from an unusual location where a particular person doesn't normally travel.
Overall, identity theft may seem like more of a possibility in the digital age, but more and more ways of mitigating it are being developed.