In lieu of an abstract, here is a brief excerpt of the content:

58 “I have traveled the length and breadth of this country and talked with the best people, and I can assure you that data processing is a fad that won’t last out the year.” —editor in charge of business books, Prentice Hall, 1957 Human identification is the basis of all studies involving identity theft and fraud. This chapter explores this feature in some detail, then applies it to the credit industry, where identification is managed by a variety of identifiers and verifiers. Personal credit and finance revolves around the credit reporting system, which is intimately associated with identity and its management. Related issues are explored, including current issues surrounding databases , brokers and data breaches. Finally, data collection and dissemination practices are discussed in some detail. The Basics of Human Identification in Information Systems Roger Clarke describes how human identification, in the context of information systems, is a process “used to link a stream of data with a person” (Clarke 1994: 8) and outlines the needs and bases for the formal identification of humans in systems. Noting that organizations increasingly rely on information systems to conduct the process of identification, Clarke describes the desirable characteristics of a human identifier. These characteristics include Chapter 4 Information Sources for Identity Theft and Fraud Information Sources for Identity Theft and Fraud | 59 universality of coverage, uniqueness, permanence, indispensability , collectability, storability, exclusivity, precision, simplicity, cost, convenience and acceptability. The characteristics of universality and uniqueness mean that every relevant person must have an identifier, each of those persons should have only one identifier, and no two persons should have the same identifier. Names, while universal (i.e., everyone has one), are not unique since many people may share the same name. That is why individuals are often assigned codes or numbers for identification. Permanence means that the identifier should not change over time, and indispensability means that each person should have and retain the characteristic used as the identifier at all times. The identifier should be collectable by anyone on any occasion, and it should be able to be stored in both manual and electronic systems. Biometric characteristics observable through such procedures as iris scanning or fingerprinting are often thought to be good identifiers because they are permanent and indispensible. However, their collection usually requires sophisticated equipment. While some biometrics like fingerprints have been historically collected and stored manually, most new biometrics identifiers are designed for electronic collection and storage. Exclusivity means that no other identifier should be necessary, and precision implies that each person’s identifier is sufficiently different from all other persons’ identifiers that mistakes will not be made. The systems used to record, measure and store the identifier should be simple, cost efficient and convenient. The identifier must also be acceptable—meeting societal norms and standards. An example of an unacceptable identifier would be number tattoos, because of their historical reference to Nazi concentration camps, in addition to the fact that the very thought of being tattooed is repugnant to many people. Clarke evaluates various common identifiers against these criteria and concludes, “there is no basis for identification that fulfills all desirable characteristics” (Clarke 1994: 23). Introducing the [52.15.63.145] Project MUSE (2024-04-25 03:19 GMT) 60 | Identity Theft and Fraud idea of risk, he suggests that organizations need to evaluate their specific needs and design a system “with a degree of accuracy commensurate with the gravity of the information or the action (to be taken)” (Clarke 1994: 25). For example, the UK government has proposed four levels of authentication, which correspond to four different levels of risk that may be associated with government services provided over the Internet (Cabinet Office 2002). Clarke finishes the paper with a discussion of multi-purpose identification schemes, such as inhabitant registration schemes commonly found in European countries. He observes that objections to these identification schemes are based on the potential for discrimination, the need for multiple identities in some cases and the invasiveness and stigma associated with some biometric identifiers. Primarily, however, objections are based on how identification schemes allow organizations to exert power over the individual, pointing out that there is a history of abuses related to such schemes when in the hands of totalitarian regimes (Clarke 1994). A Discourse on the Credit Industry By the end of the twentieth century, there was a lot of media and public policy interest directed at the problem of identity fraud and it was widely being reported as the fastest growing financial crime...

Share