The Times: Tech column - Identity theft/Googling the BBC
By David Rowan
ARE YOU sure that's really you reading this column? After all, with identity theft now Britain's fastest-growing fraud, there is a distinct possibility that you are not all you seem. As we conduct more of our daily transactions over the Internet, and pressure grows for our personal details to be cross-matched across countless official databases, it is no surprise that fraudsters find it ever easier to steal other people's identities, for everything from banking to immigration crime. So how easy is it to pass yourself off as someone else?
Terrifyingly easy, as we found out this week. It took 15 minutes on a couple of dubious newsgroups to locate stolen credit-card numbers on sale for a few £("alternatives provided if already cancelled"), and barely longer to find customers of a large insurance firm whose personal details a former employee allegedly stole from a confidential database and offered for sale on the Net. Today's dedicated ID thief, armed with a few details about you, can easily trawl databases to discover more, and so open new credit accounts in your name. You may be none the wiser until an early-morning visit from the bailiffs.
With 53,000 cases of identity theft reported last year to the UK Credit Industry Fraud Avoidance System, this crime is positively booming. The Government says it is costing the economy at least £1.2 billion a year, as more of us are using the Web and the phone to run our affairs. This is not simply a high-tech crime: often, thieves seek out personal details by raiding dustbins. According to a survey by the credit-reference agency Experian, one in every five bins contains a credit or debit-card number linked to an individual name. By the time you question your next statement, the culprit will have become somebody else.
The Government's solution is to make identity fraud a new criminal offence, allowing police to target suspected fraudsters even before a stolen identity has been used. It is also planning to create a database of stolen ID documents so that checks can be easily conducted online. These changes are important, and not before time. But the credit industry wants to go much further, giving private financial companies access to a range of official databases in the fight against fraud. It wants to cross-check credit applicants against public-sector databases holding everything from National Insurance numbers to social-security violations. Under the Data Protection Act, the Government believes that these records must be kept secret.
There are real risks in opening up these databases to a wider private-sector audience. The more people with access to your data, the greater the risk of it falling into unsavoury hands, as the former insurance worker has shown. The smart cards that the Government is planning to introduce will offer some protection, especially if they contain "biometric" information, such as your personal iris pattern.
Meanwhile, careful what papers you throw away or who you e-mail with your mother's maiden name. Someone out there may be trying to get to know you.
++++
GOOGLE, the most reliable Internet search engine, has found another taker for its technology: it now powers the BBC's new "family-friendly" web search, at bbc.co.uk, which has already got rival commercial services fuming about Auntie's latest encroachment on their turf. Actually, it's a useful interface which filters out the annoying paid-for listings that clutter up most search sites. It also helps to narrow down UK-specific sites more effectively than UKPlus's slow and overly commercial service, although results are still patchy. But the BBC's claim to filter out "pornography and other offensive material" ties it up into all sorts of knots. It blocks out anything about female dogs, blue tits or naturists, but happily led us to some raunchy babe galleries and the Ku Klux Klan.
(The Times, May 8 2002)
ARE YOU sure that's really you reading this column? After all, with identity theft now Britain's fastest-growing fraud, there is a distinct possibility that you are not all you seem. As we conduct more of our daily transactions over the Internet, and pressure grows for our personal details to be cross-matched across countless official databases, it is no surprise that fraudsters find it ever easier to steal other people's identities, for everything from banking to immigration crime. So how easy is it to pass yourself off as someone else?
Terrifyingly easy, as we found out this week. It took 15 minutes on a couple of dubious newsgroups to locate stolen credit-card numbers on sale for a few £("alternatives provided if already cancelled"), and barely longer to find customers of a large insurance firm whose personal details a former employee allegedly stole from a confidential database and offered for sale on the Net. Today's dedicated ID thief, armed with a few details about you, can easily trawl databases to discover more, and so open new credit accounts in your name. You may be none the wiser until an early-morning visit from the bailiffs.
With 53,000 cases of identity theft reported last year to the UK Credit Industry Fraud Avoidance System, this crime is positively booming. The Government says it is costing the economy at least £1.2 billion a year, as more of us are using the Web and the phone to run our affairs. This is not simply a high-tech crime: often, thieves seek out personal details by raiding dustbins. According to a survey by the credit-reference agency Experian, one in every five bins contains a credit or debit-card number linked to an individual name. By the time you question your next statement, the culprit will have become somebody else.
The Government's solution is to make identity fraud a new criminal offence, allowing police to target suspected fraudsters even before a stolen identity has been used. It is also planning to create a database of stolen ID documents so that checks can be easily conducted online. These changes are important, and not before time. But the credit industry wants to go much further, giving private financial companies access to a range of official databases in the fight against fraud. It wants to cross-check credit applicants against public-sector databases holding everything from National Insurance numbers to social-security violations. Under the Data Protection Act, the Government believes that these records must be kept secret.
There are real risks in opening up these databases to a wider private-sector audience. The more people with access to your data, the greater the risk of it falling into unsavoury hands, as the former insurance worker has shown. The smart cards that the Government is planning to introduce will offer some protection, especially if they contain "biometric" information, such as your personal iris pattern.
Meanwhile, careful what papers you throw away or who you e-mail with your mother's maiden name. Someone out there may be trying to get to know you.
++++
GOOGLE, the most reliable Internet search engine, has found another taker for its technology: it now powers the BBC's new "family-friendly" web search, at bbc.co.uk, which has already got rival commercial services fuming about Auntie's latest encroachment on their turf. Actually, it's a useful interface which filters out the annoying paid-for listings that clutter up most search sites. It also helps to narrow down UK-specific sites more effectively than UKPlus's slow and overly commercial service, although results are still patchy. But the BBC's claim to filter out "pornography and other offensive material" ties it up into all sorts of knots. It blocks out anything about female dogs, blue tits or naturists, but happily led us to some raunchy babe galleries and the Ku Klux Klan.
(The Times, May 8 2002)
<< Home