Identity fraud levels in
the UK remained stable in 2010 compared with the previous year, but
it is striking that this type of fraud now accounts for almost
one-half of all frauds recorded. Andy Thomas, managing director of
identity theft prevention specialists, Garlik, argues that banks
need to do more.

In the past, the
trust relationship between a customer and their bank was
straightforward – I will keep my banking details secret and you
(the bank) will reimburse me if I suffer any loss. If I share my
PIN numbers or bank log-ons with anyone then you might hold me
liable for any subsequent losses.

This relationship is now at
significant risk. Customers are being encouraged to share more and
more about themselves online with every service they use, including
social networking sites and online stores.

This means that the security
of their identity and vital personal information, including banking
log-ons, has in effect been handed over to numerous third parties.
A customer’s personal data is now only as secure as that of the
least secure person or service they have shared personal
information with.

A simple illustration of this
is a coffee shop loyalty card. When you sign up online you are
asked for to provide your name, address, phone, date of birth among
other details – information that most of the human race will
happily share for a free coffee.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Submit

UK USA Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo Democratic Republic of the Congo Cook Islands Costa Rica Côte d"Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia, The Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and The Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and The South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates US Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Vietnam British Virgin Islands US Virgin Islands Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Kosovo

Industry * Academia & Education Aerospace, Defense & Security Agriculture Asset Management Automotive Banking & Payments Chemicals Construction Consumer Foodservice Government, trade bodies and NGOs Health & Fitness Hospitals & Healthcare HR, Staffing & Recruitment Insurance Investment Banking Legal Services Management Consulting Marketing & Advertising Media & Publishing Medical Devices Mining Oil & Gas Packaging Pharmaceuticals Power & Utilities Private Equity Real Estate Retail Sport Technology Telecom Transportation & Logistics Travel, Tourism & Hospitality Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Retail Banker International.

Submit and download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Once registered, as happened
to me, you receive a plain text e-mail containing both your
username and the password you had set up for the
service!

Immediately, my personal data
security is but at risk. Someone could easily be ‘watching’ or just
have access to my email and use the login credentials I have been
sent to find out a lot more about me.

So, the basic information
needed to commit identity fraud, account takeover, etc, is widely
available because we are all encouraged to spread it around daily
and widely.

Therefore the
basic trust relationship between customer and bank is weakened,
even invalid, because whilst the consumer might keep their PIN
secret, they have given 20 different organisations all the vital
information needed to try and commit fraud against them.

This problem is complicated
even further by the fact that most customers use the same e-mail
addresses and password for most of the online services they use.
This is a serious risk for customers and banks, but the genie is
out of the bottle and there is no way to put it back – we cannot
change overnight the way information is secured and shared on the
internet.

The only viable thing that
can be done is to step up our efforts to educate consumers about
protecting their identity.

Banks have long realised that
helping customers improve their security is mutually beneficial,
reinforces the trust relationship, and protects them against fraud,
as well as the consumer.

For many years all banks have
done this through free antivirus software, secure browsers, even
the more recent addition of two-factor authentication.

But the situation has
changed, the information that needs to be secured is everywhere and
not under the control of either party – the risks are much larger.
Using antivirus to protect against malware offers some protection,
but in today’s environment is like being given paracetamol for a
fractured leg – it offers some pain relief, but won’t fix the
problem.

For banks there
has to be a change of message and action, a move beyond “do not
disclose your PIN to anyone” to “tell us if you think anyone might
have got their hands on your vital personal data”.

To support this request banks
have an obligation to give customers the tools to help them detect
this disclosure and stay safe.

The onus is then on the
customer to act if they become aware that such a loss has happened
and to guard their vital data as they would their PIN.

Banks also need to do much more to help their customers
look after their personal information in the real world.