• Categories

  • Archives

    « Home

    Time: How Banks Are Aiding and Abetting Identity Theft

    Time reports on the use of Social Security numbers by banks and the identification problems this could cause for individuals:

    To an identity thief, somebody else’s Social Security number is money in the bank. These nine digits unlock a world of phony credit and create a huge hassle for the poor person who actually holds that number. […] So why are banks still using SSNs as a major form of customer identification?

    According to a recent study by Javelin Strategy & Research, 70 percent of the biggest credit card issuers in the U.S. use them in at least some cases as a way to verify a customer’s identity when he or she contacts the company. “It’s easy and they haven’t changed their systems,” says Phil Blanks, the study’s author and head security and risk analyst at Javelin. “My guess is they’d tell you they’ve done it this way for years.” […]

    But today, it’s simply too easy for a cybercrook to track down those numbers, and data breaches like the recent one at Citi’s credit card unit that led to $2.7 million in fraudulent charges prove that even big financial institutions aren’t immune from the work of motivated hackers. [Ed Mierzwinski, consumer advocate at U.S.-PIRG,] blasts banks for potentially putting consumers’ most valuable personal identifier at risk for the sake of convenience. […]

    Even if the bank’s digital security is rock-solid, though, using your Social Security number to identify you makes that information vulnerable. Think about how many times you’ve been asked by a customer service employee at your credit card company to recite all or part of your number. That’s a lot of people who now know your number, along with your name and address. […]

    Unfortunately, it’s not much safer for financial institutions to use truncated versions of customers’ SSNs. The last four digits are the hardest for thieves to guess, so that’s the part of the number they really want anyway. The Social Security Administration only began randomizing the first part of SSNs last week; for anyone issued their number prior to that, the agency used a combination of where and when you were born to generate the first three and middle two numbers.

    Leave a Reply