MindBullets 20 Years

BILL CLINTON’S IDENTITY STOLEN

Another major scam, and one in five of us will be next

It just had to happen. After three years of escalating identity theft, a real celebrity has put the problem into the spotlight. Yesterday someone stole Bill Clinton’s identity and spent half a million dollars on his accounts in just thirteen seconds! Perhaps now this criminal epidemic will start to be taken seriously.

The year’s hottest shopping season has taken on weird dimensions all across the world as reluctant consumers, stung by years of financial and identity scams, characterized by yesterday’s lightning attack on Bill Clinton, are starting to impact sales figures.

Finally, a furor has broken out between government and financial services companies. A hastily arranged one-week task force is to come up with recommendations on how to address this annoying information age reality.

It may just have taken thirteen seconds to complete this latest scam but, luckily for Bill, it took just thirteen hours to identify and apprehend the perpetrator.

How would you know that YOUR identity has been stolen? And, what should you do about it?


ANALYSIS >> SYNTHESIS: How this scenario came to be

Background

Identity theft occurs when someone uses your personal information such as your name, credit card number or other identifying information, without your permission to commit fraud or other crimes.

Identity theft is a serious crime. People whose identities have been stolen can spend months or years – and their hard-earned money – cleaning up the mess thieves have made of their good name and credit record. In the meantime, victims may lose job opportunities, be refused loans, education, housing or cars, or even get arrested for crimes they didn’t commit.

In the USA theft of Social Security numbers became big news early in 2005 and the Federal Trade Commission created a web site specifically to advise consumers what to do if they suspected that they had been a victim.

Identity thieves may use a variety of low- and high-tech methods to gain access to your personally identifying information. For example:

  • They get information from businesses or institutions by stealing records from their employer, bribing an employee who has access to the records, conning information out of employees or hacking into the organization’s computers.
  • They rummage through your trash, the trash of businesses, or dumps in a practice known as ‘dumpster diving’.
  • They obtain credit reports by abusing their employer’s authorized access to credit reports or by posing as a landlord, employer or someone else who may have a legitimate need for and a legal right to the information.
  • They steal credit and debit card account numbers as your card is processed by using a special information storage device in a practice known as ‘skimming’.
  • They steal wallets and purses containing identification and credit and bank cards.
  • They steal mail, including bank and credit card statements, pre-approved credit offers, new checks, or tax information.
  • They complete a “change of address form” to divert mail to another location.
  • They steal personal information from your home.
  • They scam information from you by posing as a legitimate business person or government official.
    The implications are vast. Once identity thieves have your personal information, they may:
  • Go on spending sprees using your credit and debit card account numbers to buy ‘big-ticket’ items like computers that they can easily sell.
  • Open a new credit card account, using your name, date of birth and other personal details. When they don’t pay the bills, the delinquent account is reported on your credit report.
  • Change the mailing address on your credit card account. The imposter then runs up charges on the account. Because the bills are being sent to the new address, it may take some time before you realize there’s a problem.
  • Take out loans in your name.
  • Establish phone or wireless service in your name.
  • Counterfeit debit cards, and drain your bank account.
  • Open a bank account in your name and write bad checks on that account.
  • File for bankruptcy under your name to avoid paying debts they’ve incurred, or to avoid eviction.
  • Give your name to the police during an arrest. If they are released and don’t show up for their court date, an arrest warrant could be issued in your name.
    
2004: UK announces national identity card scheme
UK’s Hi-Tech Crime Unit admits that computer crime costs UK companies billions of pounds in 2003, because of the increase in trends such as identity theft. Hot on the heels of this admission the Home Office announces plans for a new National Identity Register to support its ID cards scheme.

Not content with a National Identity Register, a database of children, a population register, an online electoral register, centralized health records, passports and driving licence databases, the government announces plans for a database of all deaths. Quipped one reporter: “You can expect Buddhist MPs to call for a register of past lives”.

At the same time there are debates calling for a review of the many overlapping government and commercial databases of citizen information. That’s the great thing about identity theft – there are so many places to steal your identity from.

Technology is undoubtedly the key to thwarting identity theft and biometrics is better for verifying identities than almost any other technology. However, in the UK, half the population is worried about the security of the proposed ID card. They are worried that biometric technologies involved have not been proved on the necessary scale required.

Late in 2004 IBM ships fingerprint identification as an optional power-on feature in their top-of-the-range ThinkPad laptop computers.

2005: Free at The Ritz
In February, Choicepoint, an established trusted source of information that helps reduce fraud and mitigate risk, informs 145,000 consumers that their identities may have been compromised. The personal data at risk includes names, social security numbers, addresses, and credit reports. Basically everything a thief needs to steal your identity and ring up huge debts under your name. The company already admits 750 cases of identity theft from this disaster, which is bound to go much higher.

A massive fraud occurs at London’s Ritz Hotel. In the space of just 15 minutes it appeared as if the Ritz Hotel charged all their customers over the last two years the equivalent of five hundred pounds each, a total of more than fifty million pounds. Except that the funds were not directed into The Ritz bank account. “The money seems to have simply vanished” says a Scotland Yard detective.
Although 30% of the charges were actually declined by the card issuers the haul was still staggering. Where cards had expired the fraud software simply seems to have ‘guessed’ at the new expiry dates and got it right almost half the time.

2007: UK issues first identity cards
The government project, managed by PA Consulting, is ahead of schedule. The first trial cards are implemented and are an immediate success, and failure.
There have zero cases of fraud. Although the government project has recruited young geeks to break into the systems none have been able to do so.
Adoption by users has been remarkably good in some areas – it seems with a direct correlation of early user involvement. The technology though continues to prove disappointing. Error rates on point-of-sale fingerprint scanning are still at around 50% creating significant resistance. The technology vendors are being pout on the spot: Get the error rates to under 10% by January 2008 or risk being ejected as a supplier in the project.

2009: Joint government and commercial initiatives
Bill Clinton’s identity theft seems to have been the last straw. Finally everyone is sitting around the table talking solutions. Concerns for privacy seem to have been overshadowed by commercial realities.
Gone will be the days of simply presenting your credit card for payment. Even keying in your PIN at the point of sale will not be enough. There will now have to be positive biometric identification to accompany it. For on-line shopping IBM’s fingerprint identification feature in laptops (first introduced in 2004) is fast becoming the norm.
I remember the days when the USA first introduced fingerprint scanning at the country’s airports. Well, now we will have to get used to that level of security for every electronic payment.
Legislation is passed to force restaurants and retailers to keep any paper records of credit card transactions under lock and key, as opposed to just ‘under the counter’. An audit trail and inspections are an integral part of the process to limit and control access to personal information.
On-line shopping will now have to be accompanied by a fingerprint scan. All major computer manufacturers are already in the loop. Dell, IBM and HP all ship every desktop and laptop computer with a fingerprint reader.
Banks implement similar technology at all remaining teller locations and airline check-in is routinely accompanied by a fingerprint scan.

Warning: Hazardous thinking at work

Despite appearances to the contrary, Futureworld cannot and does not predict the future. Our Mindbullets scenarios are fictitious and designed purely to explore possible futures, challenge and stimulate strategic thinking. Use these at your own risk. Any reference to actual people, entities or events is entirely allegorical. Copyright Futureworld International Limited. Reproduction or distribution permitted only with recognition of Copyright and the inclusion of this disclaimer.