Thread: Businesses Facilitating 'Identity Theft'
View Single Post
Old 10-13-2004, 08:52 PM   #35
tw
Read? I only know how to write.
 
Join Date: Jan 2001
Posts: 11,933
Quote:
Originally Posted by Idtheft03
There are no processes or procedures either in existance that will correct our situation. ... And Bruce is right anything that hampers instant sales are going to be stifled by business at every turn.
Therefore the SS number system will not work as expected - because it is not even established to perform identity functions. What makes telephone transactions so insecure? The missing and non-existant identity and confirmation system.

I believe you have a problem with this by assuming I am talking about existing systems and equipment (ie retnal scanners). Innovation starts by learning new fundamental concepts and procedures - and not getting bogged down in the microscopic details such as electronic fingerprinting. The classic expression is seeing the forest from the trees.

For example, satellites contain an identity and verification system so that unscrupulous companies cannot subvert another's satellite. Please tell me where such systems do not work over electronic media?

In the early days of satellites, everyone was careful to protect the other. When the Russians launched a new satellite, they told us what frequencies they would be using so that we did not harm their bird - accidentally talk to their bird. We did same with Russians. The entire identity system used for control was equivalent to a SS number system -dependent on all being honest. Even in satellites, such systems are no longer acceptable. Nothing super 21st Century technology. A system so that each owner could prove to each bird who we are AND so that the bird could inform us when others attempted to subvert the system. Without the later, then no security exists. We don't even have that simplistic system in business, the nation's economy, the credit card system, nor in credit bureaus. Somehow you even have to pay something (ie money or giving you address to credit spammers) to verify your own credit - typically long after that rating has been destroyed. Any systems that do exist are best called KLUDGES.

Take the ATM as an example. When it comes to basic transactional security, the nation's banking system is just fine, happy, and will to accept identity fraud as a cost of doing business rather than getting serious about personal security. Destruction of your credit rating does not adversely affect their business credibility nor their bottom line. Just like with ATMs and Smart Cards, the American banking system has no interest or incentives for an identity and verification system. You are not demanding same; and they are not. So it will not happen.

IOW losses due to bad credit would have to increase ten-fold or more before the issue is addressed - unless the public takes interest and demands same. Not only do be have nothing to perform identity verificatons and protection - ie SS number system. We have no interest in creating same. Not enough people realize yet that they have been harmed which is why credit bureaus should be required to provide you a credit report for free and when demanded. Again, will not happen.

Remember, ATMs existed in the western world for 10 years before any appeared in America. Companies who make smart card chips have sold billions - and still smart cards don't exist in America. With fear of technology rampant in the banking/financial industry (industry hyped networking in the early 1990s as a major innovation), and with people not even clamoring for identity protection, then no effective protection system is even being proposed.

Your SS number system - an upgrade from the existing system - will not work. For example, to prove who you are, you must provide a SS number. Now criminals have complete access to YOUR identity number because you must expose that number to prove who you are. This is the same problem that even makes credit card fraud so easy. Such systems will not work for the same reasons they do not work today. The foundation on which identity is proven is not based in security. Without a foundation that includes fundamental security (including the verification function), then identity theft remains profitable and unimpeded.

If a SS number is good enough for identity protection, then so is a credit card number. Furthermore, both are based upon and easily subverted by a compromised birth certificate system. A failed system that was never intended to provide identity verification and that provides no means to detect attempted identity theft.

We have no working identity system. The SS number system will never provide active identity protection - detect when others attempt identity theft. Without meeting both critieria, then no identity system exists. Nothing currently in existance is built on a secure foundation. Every existing identity method (SS numbers, credit card numbers, driver's licenses) is built for other purposes which is why identity theft will remain easy. None of those systems meet nor can be made to meet the two criteria - to prove you are who you claim AND to detect when another claims to be you. Two criteria. How, pray tell, can a SS number system even begin to meet those two criteria?
Last edited by tw; 10-13-2004 at 09:08 PM.
tw is offline   Reply With Quote