Language Selection

English French German Italian Portuguese Spanish

Sharing of data 'could block identity theft'

Filed under
Security

Thousands of cases of identity fraud could be prevented if financial services companies and credit reference agencies shared more data, according to a report from a leading criminologist.

Professor Martin Gill said criminals behind ID fraud, now the fastest growing type of theft in the UK, were exploiting the fact that people's credit files contain different information, depending on which company holds them.

The three main credit reference agencies in the UK do not even share information about people who have become victims of identity theft. As a consequence, anyone targeted by fraudsters has to contact each agency individually to warn creditors, increasing the likelihood of theft.

"Credit reference agencies should be responsible for sharing the fraud alert among themselves, saving ID theft victims the hassle of contacting each agency individually," Professor Gill said.

"Consumers who fear that they have become victims of identity theft could require that a fraud warning be put on all their credit report files, which would alert anyone accessing that file to potential frauds."

Professor Gill's report also called for all consumers to be given access to their credit files free of charge at least once a year, to enable them to identify rogue information that might relate to fraud.

"The consequences for ID theft victims can be very severe and it is clear that in the UK, things are not being made difficult enough for offenders," he said.

Figures from Cifas, an organisation set up by the consumer credit industry to combat fraud, show there were 130,000 cases of identity fraud last year, up from 101,000 in 2003.

Many police forces say they have not been given sufficient powers to fight this type of crime.

Detective Chief Inspector Oliver Shaw, of the City of London Police's Economic Crime Department, said one problem was that identity theft was not yet recognised as a crime category by legislators.

"Professor Gill's report strengthens the need for a strategic review of UK law," he said.

"The term identity theft is a misunderstood classification of the problem that has led to difficulties in assessing both the scale of criminality and our response to it."

By David Prosser
New Zealand Herald

More in Tux Machines

Security: Updates, SOS Fund, IR, ME, and WPA

  • Security updates for Friday
  • Seeking SOS Fund Projects
    I’m spending some time over the next few days looking for the next round of projects which might benefit from an SOS Fund security audit.
  • Strong Incident Response Starts with Careful Preparation
    Through working every day with organizations’ incident response (IR) teams, I am confronted with the entire spectrum of operational maturity. However, even in the companies with robust IR functions, the rapidly evolving threat landscape, constantly changing best practices, and surplus of available tools make it easy to overlook important steps during planning. As a result, by the time an incident occurs, it’s too late to improve their foundational procedures.
  • The Intel Management Engine: an attack on computer users' freedom
    Over time, Intel imposed the Management Engine on all Intel computers, removed the ability for computer users and manufacturers to disable it, and extended its control over the computer to nearly 100%. It even has access to the main computer's memory.
  • What Is WPA3, and When Will I Get It On My Wi-Fi?
    WPA2 is a security standard that governs what happens when you connect to a closed Wi-Fi network using a password. WPA2 defines the protocol a router and Wi-Fi client devices use to perform the “handshake” that allows them to securely connect and how they communicate. Unlike the original WPA standard, WPA2 requires implementation of strong AES encryption that is much more difficult to crack. This encryption ensures that a Wi-Fi access point (like a router) and a Wi-Fi client (like a laptop or phone) can communicate wirelessly without their traffic being snooped on.

First Impressions: Asus Tinkerboard and Docker

The board's standard OS is TinkerOS - a Linux variant of Debian 9. I've also read that Android is available but that doesn't interest us here. While Android may use forms of containerisation under the hood it doesn't mix with Docker containers. Rather than trying TinkerOS I flashed Armbian's release of Ubuntu 16.04.03. The stable build on the download page contains a full desktop, but if you want to run the board headless (like I do) then you can find a smaller image on the "other downloads" link. I initially used the stable image but had to swap to the nightly build due to a missing kernel module for Kubernetes networking. Having looked this up on Google I found the nightly build contained the fix to turn on the missing module. Read more

today's howtos

PlayOnLinux For Easier Use Of Wine

PlayOnLinux is a free program that helps to install, run, and manage Windows software on Linux. It can also manage virtual C: drives (known as Wine prefixes), and download and install certain Windows libraries for getting some software to run on Wine properly. Creating different drives using different Wine versions is also possible. It is very handy because what runs well in one version may not run as well (if at all) on a newer version. There is PlayOnMac for macOS and PlayOnBSD for FreeBSD. Read
more