The Tacoma Washington News Tribune summarized a meeting in an article titled Access to public records outweighs risk of identity theft. The headline alone is disturbing to me, as someone who has been a victim of identity theft.
How often is access to my public records needed? I am not applying for a new driver’s license, getting Medicare, or in general using services for which my history would benefit and need to be readily available to someone without my permission.
A Microsoft executive is quoted as offering a few ideas for making identity theft more difficult: “…making identity documents harder to counterfeit; requiring governments to make sure someone hasn’t died before issuing a birth certificate; requiring merchants to do a more thorough check before issuing credit; and requiring check-cashing companies to work harder to establish identity before cashing a check.”
Other, simple, obvious steps credit reporting agencies and any company that handles consumer data (including banks) should take to stop identity fraud:
- Require an Act of God to change a birth date. When was the last time your birthday changed? Mine hasn’t (well yet anyway). However on my credit report when someone applied for a credit card in my name, suddenly their birthday appeared on MY credit record — a record I had had for more years than I care to remember.
Similarly my bank lets me edit my birth date online. Their reasoning is that I might have entered it wrong when I applied for my account (an account I have had for over 10 years). Think twice before making it too easy to self service information.
- Seriously question discrepancies if one “person” has multiple utilities set up. A friend discovered there were fraudulently multiple phone numbers set up in her name in various cities. If the utility companies sent a confirmation to the original address a name had utilities registered under, much as a bank and post office send you a change of address confirmation to both the old and new addresses, you could confirm if the new utilities were related to multiple properties you owned – or not.
If some of the bills under a person’s name are paid late or not at all, while the original utilities are paid on time, again there should be a flag that it’s likely not the same person.
- Automatically set up PIN numbers to change information available through public records. My phone company now lets me set up a PIN I have to provide if I’m moving or cancelling service etc. This is optional, upon request. Why not do it automatically?
Is there any reason why the DMV shouldn’t require a PIN to change your address or add a new address under your name?
Social Security Numbers alone are no longer useful as personal identifiers. Too readily available. All institutions should think of other layers of security and institute fraud flags to give us peace of mind and further stop the fraud.