We need to stop calling this identity theft. It isn't. It is fraudulent use of identifying information. It is fraud -- and solving the issue is the responsibility to the banks and financial institutions that see it as a cost of doing business instead of something they need to stamp out.
Calling it identity theft is not only inaccurate - but also shifts the blame to the person instead of the institutions that allow and foster it through policies and procedures based upon risk instead of what is right. It is hard to provide good authentication and authorization -- and so instead of tackling and solving the problem they put in procedures and polices that minimize the problem instead.
Calling it identity theft is not only inaccurate - but also shifts the blame to the person instead of the institutions that allow and foster it through policies and procedures based upon risk instead of what is right. It is hard to provide good authentication and authorization -- and so instead of tackling and solving the problem they put in procedures and polices that minimize the problem instead.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/newsbriefs/694/2394#2394