I'm doing the TRUST Seminar at Berkeley this week. Here's the info and abstract.
Date: Thursday, October 18, 2007
Time: 1:00 PM (lunch will be served)
Location: 540 A/B Cory Hall
ABSTRACT: In synthetic identity theft cases, an impostor creates a new identity using some information from a victim that is enhanced with fabricated personal information. For instance, the impostor may use a real Social Security number, but a falsified name and address. Since this synthetic identity is based on some real information, and sometimes supplemented with artfully created credit histories, it can be used to apply for new credit accounts. In a currently-ongoing case, two men alleged to have used this tactic applied for and obtained 250 credit cards and amassed $760,000 in charges. Experts following fraud trends claim that synthetic identity theft is a growing problem, and is responsible for massive losses among financial services institutions. How can fabricated person obtain credit? This presentation will explore the synthetic identity theft problem, its roots in credit authentication, and possible approaches to reducing its incidence and severity.
- Log in to post comments
I hate the thought of further government tracking, but I think a national ID, with a national number which only applies to one name, is the way to go. Currently, each social security number can be assigned to numerous people. This makes it harder to detect fraud, both credit and immigration fraud. A national ID where, 1 number goes to 1 person, would reduce fraud.
A second regulation that could reduce fraud if a national ID was created would be that credit can only be created after photo ID has verified both name and number.
@Mike, I don't think we need to go that far. My hypothesis, which is testable, is that credit grantors are only using the SSN and Date of birth to screen applications, meaning that if they simply engaged in name matching, much of the synthetic id theft problem could dissipate.
Mike: the problem with that idea is that it introduces a single point of failure. If you can fraudulently obtain such an ID, then you have a gold-standard ID document you can use to commit further fraud.
ID schemes are only as good as their registration procedures, and registration procedures can never be perfect, because they're always dependant on their inputs. There is no way to prove you are who you claim to be from first principles.
Such a scheme would actually make ID fraud easier.