Trying to Put Identity Theft UNDER Your Thumb
The response of some businesses trying to curb identity theft is to put in biometric identification systems to handle purchase transactions. Instead of carrying a credit or debit card, you simply press your thumb to a touch pad. It does, at first, seem convenient and appealing. After all, you never leave home without it. You certainly can’t leave it in your other coat pocket, or in your other handbag. And, the identifying properties, unlike magnatic strips, can’t be inadvertently erased because it went through the wash by mistake.
There are also significant drawbacks. You have to allow the retailers that use these biometric systems to automatically draft the purchase amount directly from your checking account. Since banks currently offer little to no liability protection to consumer’s whose accounts are tapped fraudulently due to identity theft, that could be a big security risk.
Some people may believe that since their thumb is attached to their body and it’s imprint is unique, it’s impossible for an identity thief to steal it. However, if the means used to collect the imprint for a transaction is electronic and the method for transmitting and verifying that imprint is via any type of computer, it can be captured, copied and stolen.
The lack of security with current bank systems, such as ATM machines, is pervasive. The Washington Post reported yesterday that
half the U.S. financial institutions have not programmed their ATM systems to check security codes. Estimated annual losses from ATM fraud is [around] $2.75 billion, or $900 per incident.
A separate report Tuesday by the corporate services unit at International Business Machines Corp. noted
a surge in Internet attacks that facilitate bank fraud, including phishing and the surreptitous installation of keystroke-logging programs that copy what a computer user types.
Whether it is a coded card with a password or a copy of your thumbprint, if there are no checks and balances to the systems established and institutions are not required to ensure consumer accounts are safeguarded, indentity theft will continue to invade the lives of millions of individuals. Retailers, creditors and banks don’t utilize and verify security numbers already available on back of cards or ensure that their automated systems, such as ATMs, verify passcodes and/or pin numbers.
While current security measures fail to be utilized and maintained, those who manipulate technology with criminal intent are already demonstrating their ability to defeat the next generation of “security measures” using biometric-based identification.