According to CIFAS, reported increases of ID fraud are on the rise in the UK and these crimes accounted for almost half of all fraud in the first quarter of 2015. Adding to this, it has been confirmed that cybercrime is now the UK’s most common offence. There is a clear problem for both consumers and businesses when it comes to ID theft, so how can we make sure our personal details stay safe?
There are three primary reasons behind the increase of identity theft in the UK:
Thoughtless social media behaviour
Social networking activity is on the increase and in turn users are posting a lot of personal information online without a second thought. This can be anything from a phone number, date of birth or address – invaluable data for a cybercriminal. Rogue third party apps on Facebook are also a hazard, in the way that some of them eventually trick users into installing malware on their device.
More mobile use and less security
Weak mobile security combined with a global increase in smartphone adoption will inevitably lead to issues when it comes to ID theft. But users can take small steps in the right direction to avoid ID theft should their device be stolen. For example, ensuring no login details are stored on the device or using a PIN to protect the lock screen.
Hackers outsmarting large companies
There have been some widely reported data breaches in the past year at large, established organisations including eBay, British Airways, and Experian. The sheer size of these companies makes it difficult for them to be agile and adapt to the changing threat landscape. By the time they have improved their infrastructure to combat one threat, several more have appeared. Other brands are taking note of the failures, and attempting to make sure it doesn’t happen to them: BT announced this week that it would be employing a further 900 people into its security team over the next 12 months, with a focus on cybersecurity.
The value of your personal details to cybercriminals does not come from the immediate information they reveal. The value lies in how this data could be used in future. That’s why hackers usually sell stolen information onto criminal organisations, as opposed to exploiting the stolen information themselves.
Speaking of value, it’s going down. This is easily explained through basic economics; a matter of supply and demand. Such has been the success for hackers when it comes to stealing personal data, you can now get a ‘Fullz’ (full financial information including name, address, credit card info, and date of birth) for as little as $15 (£10), down from $25 (£18) in 2013.
Creating a secure online environment
80 per cent of ID theft occurs online so it’s vital for businesses to create a secure online environment for customers. Otherwise, they risk a serious breach and the negative media headlines that come with this. Regardless of the details of the breach, the public’s perception can be swayed by a single headline: during the first three months of 2016, about 125,000 customers abandoned TalkTalk’s broadband service, with a further quarter of a million switching away in the 3 months previous to that. It is little wonder that TalkTalk is aggressively marketing its promotions and low costs at the moment - it needs to stop the rot.
But there is an ongoing battle between customer experience and compliance. At the moment, user experience is strongly affected by expensive ‘Know Your Customer’ processes. Customers are often put off during registration to a site and subsequently turn away from it. Research commissioned by BNY Mellon found that 45 per cent of respondents blamed the failure of an onboarding procedure on poor communication. Other factors that contribute towards drop-outs include a perceived lack of support, too many requests for data and repetition of them.
As a result, it’s not enough to simply create a secure online environment for customers – companies that do this will likely survive, but will not mark themselves out from competitors. It is those that foster a secure process while maintaining a great customer experience that will ultimately flourish.
ID and biometrics
Technological advancements such as biometrics can play a key role here as they reduce the need to create a username and password. The ease of biometric authentication – which can be used safely and effectively on any device – is as convenient for the customer as it is for the organisation. Companies that achieve this balance are those that will lead the way in both security and customer experience.
There is a clear need for consumers to prove who they are to businesses online. In turn, businesses need to ensure their security provisions are trustworthy. It’s vital companies wake up to the need for trust online if the UK’s digital economy is to continue to grow successfully.
Paco Garcia, CTO at Yoti