The identity theft arms race

I remember when I was about 10 years old and some friends of my parents went to Thailand for a holiday. They were reasonably well off – he was an accountant with one of the big firms and she wore fabulous faux-fur coats (back when killing animals to satisfy hedonistic pleasures was still considered uncool). So you can imagine their embarrassment when, a month or so later, their credit card was declined when they were attempting to pay for dinner with friends!

They checked with their bank the following day and found that their credit card was totally maxed out, with a whole pile of transactions from Thailand. Luckily, most of the transactions occurred after they’d returned home from their trip, so they were able to easily prove that it wasn’t them and the bank gave them their money (well, credit) back.

That was one of the earlier cases of identity theft. Back in those days credit cards were put through a zip-zap machine, and carbon paper was used to take 3 copies. Some dodgy operators, like the ones my parents’ friends encountered in Thailand, would keep the carbon paper, and use the information available on that to create a replica of your credit card.

To stop that, the banks came up with a type of paper to use in the zip-zap machines that didn’t require carbon paper. That worked for a while.

Then everybody went electronic.

The bad guys created viruses to sniff out personal details.

So, the security industry invented virus protection software.

And the bad guys created key loggers to install on users machines and collect their login credentials.

So, the security industry came up with anti-spyware software.

Then the bad guys thought up phishing.

And the security industry hit back with 2-factor authentication.

And the bad guys found a way around that too.

Who will make the next move???

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.