The State of Identity in a Digital Age
Cybersecurity attacks captured headlines last year as Bloomberg declared 2017 the ‘Year of the Data Breach,’ with a record-setting 1,253 publicly reported data breaches.¹ New malware, including ransomware threats, hit an all-time high.² Additionally, the number of identity fraud victims reached 16.7 million U.S. consumers and account takeover fraud tripled from the previous year.³
As we enter 2018, the ‘state of identity’— particularly in a digital world—is top of mind for those of us in the business of helping safeguard consumers and enterprises from credit and fraud risk. The ever-shifting and dynamic nature of cyberattacks and fraud compromises means we need to stay one step ahead of the bad guys.
As people become increasingly connected across digital channels, their identity footprint has expanded exponentially. The digital age allows more freedom for consumers to do almost everything on their terms—open new accounts, hail a car through ride-share services, share vacation photos in real-time on social media sites and even send highly confidential information via email. In turn, it provides more ways for a person’s identity to be exposed and put at risk. According to the Norton Cyber Security Insights Report more than half of the US adult online population were affected by cybercrime in 2017.⁴
With every click, swipe and tap, our digital persona leaves a trail of breadcrumbs, from how and where we use our mobile devices, to what we use as account access credentials. We’re not always as cautious as we should be. We forget to update apps and other software to the latest versions, and often share personal information on social media without considering the consequences. It is convenient to use the same user name and password for multiple accounts and easy to forgo changing those passwords on a regular basis.
The Norton report revealed that 24 percent of cybercrime victims use the same online password across all accounts and 60 percent share passwords for at least one account with others.⁵ A failure to adequately safeguard digital account credentials and personal information online can lead to an increased risk of identity theft. The ID:A Labs study ‘Online Privacy vs. Security’ found that individuals with a high exposure fraud score, meaning the degree to which they share personal information online, were four times more likely to be victims of identity fraud. There is certainly room for consumers to take a more active role in their digital safety, and at the same time advancements in technology, data and analytics may help keep these threats at bay.
Organizations can help protect consumers and enterprises by looking at an array of signals across an identity footprint that help spot out-of-pattern behaviors. Systems that use identity intelligence can help uncover anomalies in a consumer’s behavior that detect when an identity may have been compromised. This is a complex science that can be supported by machine learning.
There is a lot of excitement and intention these days about machine learning and artificial intelligence (AI). Sometimes the terms are used interchangeably; it is important to understand there are fundamental distinctions. AI involves machines that mimic human intelligence, such as Amazon Echo’s Alexa and Apple’s Siri. Machine learning enables organizations to sift through vast amounts of data in a way that humans cannot. Machine learning techniques underpin a wide range of applications, including AI.
The algorithmic approaches used in machine learning, especially the underlying math, have been around for a long time. However, we now have technology that allows us to use machine learning to solve problems at scale—such as leveraging machine learning technology to better identify fraud trends.
A digital world will always bring opportunities yet won’t ever be void of threats. How can we break the kill chain to disrupt criminals without putting up too many hoops for consumers?
Data and advanced analytics can help uncover suspicious behavior by looking at the connections between individual identity elements. Machine learning advancements enhance our ability to thwart criminal attacks by helping us identify patterns more quickly.
In fraud detection zero-day detection capabilities exist. When we combine evidence of organized cybercrime and malware threats with identity intelligence we can break a link in the attack chain. Going forward, by bridging the worlds of cybersecurity and fraud detection, we can move to earlier detection with the ultimate goal of prevention altogether.
Scott Carter is the Chief Executive Officer of ID Analytics
1. Bloomberg, https://www.bna.com/2017-year-data-b73014473359/ (accessed January 26, 2018).
3. Javelin, (2018) Identity Fraud Hits All Time High With 16.7 Million U.S. Victims in 2017, According to New Javelin Strategy & Research Study [Press release]. Retrieved from https://www.businesswire.com/news/home/20180206005363/en/Identity-Fraud-Hits-Time-High-16.7-Million.
4. Symantec Corporation, https://www.symantec.com/content/dam/symantec/docs/about/2017-ncsir-united-states-results-en.pdf (accessed January 29, 2018).