Identity theft is a relatively modern problem. In some ways, it has become more difficult to have your identity stolen but in others, it has become easier. Protecting yourself against identity theft should be a proactive practice, and blockchain technology can help. In this article, we will outline the most common types of identity theft and how you can protect yourself against them
The first step in preventing identity theft is understanding what that means and being able to recognize it. Identity theft (also known as identity fraud by law enforcement) is defined as all crimes against individuals where personal and/or financial information is obtained illegally by using fraud or deception. The most common motivation for identity theft is financial gain.
Once someone steals your identity, they can do a number of things:
Identity theft is illegal in most of the world, usually punishable by jail time and/or fines. If identity theft is used to conduct criminal activity, the punishment is usually heavier. The majority of identity theft affects consumers, with the most common being credit card fraud according to the Federal Trade Commission (FTC).
Once someone has stolen your identity, the signs are usually easy to spot. Most of us, at some point, have received a call from our bank asking about suspicious transactions, but there are other signs to look for.
If you notice any of these signs, it is important to take action immediately. There are also a number of steps you can take to prevent your identity from being stolen in the first place.
An important first step you can take to prevent your identity from being stolen is to actively monitor your financial statements. If possible, check your bank account and credit card statements online at least once a week. If checking your statements online isn’t possible, make sure you are monitoring your monthly statements.
Another step you can take is to freeze your credit. This makes it a lot harder for someone to open a credit card or take out a loan under your name, as the bank won’t be able to run a credit check. It’s also free, and you can temporarily lift it if need be. However, it can be a bit of a nuisance as there are three separate credit bureaus you have to contact to do this in the US. You can also enroll in a credit monitoring service, such as PrivacyGuard or Credit Karma, or place a fraud alert on your credit.
Making sure you have strong, diverse passwords on all of your accounts is also key. We all know not to use passwords like “password” or “12345”, but having a strong password goes a lot further than that. Not only should you avoid personal things like pets or family names, but you should even avoid using words that are in the dictionary. If you find remembering different passwords for every account difficult, you can use a service like LastPass to generate unique passwords and safely store them for login.
In recent years blockchain technology has built a reputation for providing an unbreakable and un-hackable payments infrastructure. If you're not aware of how a blockchain works, it typically goes like this:
In order to alter her transaction, Alice would need to break the cryptographic hash of each of the blocks that have been added since. Given the complexity of the hashing algorithm and the resource-intensive nature of hacking this kind of infrastructure, this rarely makes economic sense. In short blockchain technology is set up in such a way as to make hacking it both technically difficult and uneconomical.
Given these impressive features, the question becomes: how can we utilize the secure and distributed nature of the blockchain to protect individuals from identity theft.
Well, since 2017, the SelfKey Foundation has been building an end-to-end identity management solution utilizing the Ethereum blockchain. This ecosystem will allow individuals and corporations to authenticate themselves online while minimizing the amount of personal information that needs to be shared.
As a simplified example, imagine going to the liquor store and having to show your driver's license to prove that you are of legal drinking age. The liquor store is legally compelled to ensure that you are of legal drinking age, but typical forms of ID contain much more information than is necessary at this junction. A US driver's licence for example contains:
You can be sure that, in an online environment, all this information is stored and will be leaked in the case of a data breach.
But now imagine the same situation, but instead of an ID you show a notarized certificate simply showing a facial imagine and the sentence: "We, NAME OF NOTARY, hereby confirm that John Doe is of legal drinking age."
In this second scenario, you can see a simplified example of how the SelfKey ecosystem will use certifiers in order provide evidence but not information. In the case of a breach or a hack, no valuable information would be shared. All a hacker might know is that there is a man called John Doe and he's over the age of 21.
Then you combine this approach with the security and transparency of the blockchain, alongside decentralized identifiers, and you start having a strong identity management system that improves on the current system in many important ways.
Unfortunately, identity theft is a problem that is not likely to disappear anytime soon and often, we only realize that our identity has been compromised once it is too late. There needs to be a shift in public thinking to be far more proactive in preventing identity theft. Stronger passwords, credit monitoring, and fraud alerts are all good actions to take, but they don’t ultimately solve some of the bigger problems.
It’s become a worryingly frequent occurrence for companies to be hacked, and there are plenty of opportunities for malicious actors to get a hold of your data. Most of us are in the bad habit of not reading the terms and conditions, and privacy policy of every website we sign-up to. We are often giving away a lot of our personal information and may not even realize it.
The time has come for us to take back control of our identity instead of waiting for companies, organizations, and government bodies to lose it. Self-sovereign identity is a very real possibility in the future, but the general population has to make the shift. More awareness needs to be put in place, and we need better solutions that actively prevent identity theft. Your identity is the one thing that should belong exclusively to you, let’s put the power back in your hands and let you decide who gets access to what information.
Download the SelfKey Identity Wallet and take the first step towards protecting yourself from identity theft.