The unending identity theft problem: focus must expand from access prevention to consumer empowerment
The Target data breach is just one in an unending series of privacy exposures that create anger, disbelief and fear. Yet just as sure as it was not the first, it won’t be the last and trying to hold back unauthorized access to private data is akin to trying to hold back the sea. Yes we need better data security, and industry initiatives like PCI are vital to doing so, but with increased automation more individuals, applications and connected devices will create more access requirements, in turn giving birth to new problems at a pace that rivals attempts to stop unauthorized access. Data security is essential, but it’s time to realize that data security alone is not enough.
The time has come to shift attention more directly and proportionally to the problem we are ultimately working to stop unauthorized *use* of private data. Electronic commerce is all about consumer empowerment, and our research shows that individuals welcome opportunities to control more of their finances. Mobile payments and financial services are not just another convenient access point; smartphones, tablets and other connected mobile devices give individuals always-on and real-time control of any potential transaction that is being attempted through any other method (from in-store to online), and thus give individuals the power to stop unauthorized transactions made possible via data compromise, clerical error or any other means. Consumers want this shift of control and they largely cannot get it, and our efforts to solely stop identity fraud by focusing on stopping data breaches will never be enough. We need to give people what they want, and by doing so we will create further profitable and safe growth for electronic commerce.