Monthly Archives: May 2007

KBA…Cool or Creepy?

Usually when I explain what KBA (knowledge-based authentication) is most people think it’s really cool. Even though KBA solutions have been around since early 2000, the reality is businesses using this technology are considered early adopters – mainly because consumers (and the media) are only starting to become aware of KBA and how it works.

Recently identity proofing has caught the attention of industry analysts. Perhaps this is because most verifications are seamless to the customer and only focus on verifying that the identity is valid or real – not that the person is this claimed identity. But now with more synthetic identities being created, businesses need (and want) a way to determine that the person is who they claim and not a fraudster. Gartner stated in its recent research note on the subject:

Identityproofing services will become increasingly important for fighting fraud and building online reputations. Personal identity frameworks, such as Microsoft’s CardSpace and OpenID, will also spur adoption, because these frameworks will be used for high-assurance applications.

But what about the creepy factor…are KBA questions an invasion of your privacy? At IDology we believe KBA in fact protects your privacy by limiting what data is being exposed to businesses. Instead of having multiple companies and employees access and review all of your data records, we shield your information and ask non-invasive questions that link you to your history. Based on the fact that our clients see an increase in customer satisfaction when using KBA, I’d say most consumers find it cool too. After all, wouldn’t you rather answer a few questions about old addresses or cars than provide your social security number or driver’s license number?


1 Comment

Filed under Digital identity, identity proofing, Identity verification, knowledge based authentication

Googling Adult Content in Korea

Search industry giant Google announced that it will implement age verification for its services in Korea to prevent kids from accessing adult-themed searches. 700 “adult” keywords will be included in this program so that anyone searching and wanting to access content on those keywords will be required to prove they are 19.

I wonder if this will be a prelude of things to come in other countries.

Leave a comment

Filed under Age Verification, Google, protecting kids online

Age Verification Score Card: Second Life 1, MySpace 0.

Eight state Attorneys General wrote a letter to MySpace demanding they turn over the names of the registered sex offenders using their site. I’m very interested to see if and how MySpace will respond, especially since the social network relies on the honesty policy for its membership. Since we all know the honesty policy doesn’t work, being able to pinpoint a member name to a name on a registered list of predators will be interesting.

In related news, Second Life announced earlier this month that it will implement age verification for its members wanting to access adult related content. Are you familiar with Second Life? It’s a virtual 3-D community where you become a resident and “create.” Whatever you can imagine, you can create and build. Second Life indicates that everything in it (from the strobe lights at the nightclubs to the car or spaceship in your driveway) has been created by its residents. You can explore, buy property, set up a business, and interact with other people by buying and selling whatever you create. Interestingly enough, some companies like Adidas, Dell, IBM, Sun Microsystems, and Warner Brothers see some real-world benefits from participating in Second Life and are launching marketing plans specifically within the community.

As expected the reaction from Second Life residents to the age verification news is mixed but a lot of the adults and providers of the adult content within Second Life are in support of it because they understand the important reason why the site is implementing age verification – to do its part to protect children online.


Filed under Age Verification, MySpace, Second Life, social networking

A Plan to Combat Identity Theft

The Presidential Federal Task Force on Identity Theft recently issued its strategic plan to combat identity theft.  The recommendations and guidelines suggested, if followed, are definitely a good start to protecting consumers information because they put controls on the use of SSN numbers as universal identifiers (in the public sector) and establish some national standards for responding to breaches of sensitive data without hindering some State’s stricter protection laws. 

The report is definitely worth reading when you can find the time.  Weaved throughout are victim’s stories from both a business and consumer perspective that will open your eyes to just how damaging identity theft can be.  This example shows how identity theft impacts more than your credit history:

When purchasing advertising space in a trade magazine in 2002, a Colorado man wrote his birth date and Social Security number on the payment check. The salesman who received the check then used this information to obtain surgery in the victim’s name. Two years later, the victim received a collection notice demanding payment of over $40,000 for the surgery performed on the identity thief. In addition to the damage this caused to his credit rating, the thief’s medical information was added to the victim’s medical records.

Also included are accounts where businesses were able to prevent significant losses by enacting fraud prevention and identity authentication solutions.

When a major consumer lending institution encountered a problem when the loss ratio on many of its loans —including mortgages and consumer loans—became excessively high due to fraud, the bank hired a leading provider of fraud prevention products to authenticate potential customers during the application process prior to extending credit. The result was immediate: two million dollars of confirmed fraud losses were averted within the first six months of implementation.

Leave a comment

Filed under data breach, fraud, identity theft

Marketing Mayday!

Have you heard about the latest scam from the bad guys? It appears they too have learned how much impact marketing has on a “business” and purchased some keywords for Google and Yahoo ads. This article by Byron Acohido and Jon Swartz of USA Today explains it well and will bring you up to speed.

I doubt this scheme will impact the $19.5 billion (and growing) online advertising business too much but it certainly does show you how hackers and fraudsters are always evolving.

Leave a comment

Filed under fraud, identity, identity theft, Internet Safety, Internet Security, marketing, security