Showing papers on "Identity theft published in 2011"

Customer-controlled instant-response anti-fraud/anti-identity theft devices (with true- personal identity verification), method and systems for secured global applications in personal/business e-banking, e-commerce, e-medical/health insurance checker, e-education/research/invention, e-disaster advisor, e-immigration, e-airport/aircraft security, e-military/e-law enforcement, with or without NFC component and system, with cellular/satellite phone/internet/multi-media functions

Abstract: All-in-one wireless mobile telecommunication devices, methods and systems providing greater customer-control, instant-response anti-fraud/anti-identity theft protections with instant alarm, messaging and secured true-personal identity verifications for numerous registered customers/users, with biometrics and PIN security, operating with manual, touch-screen and/or voice-controlled commands, achieving secured rapid personal/business e-banking, e-commerce, accurate transactional monetary control and management, having interactive audio-visual alarm/reminder preventing fraudulent usage of legitimate physical and/or virtual credit/debit cards, with checks anti-forgery means, curtailing medical/health/insurance frauds/identity thefts, having integrated cellular and/or satellite telephonic/internet and multi-media means, equipped with language translations, GPS navigation with transactions tagging, currency converters, with or without NFC components, minimizing potential airport risks/mishaps, providing instant aid against school bullying, kidnapping, car-napping and other crimes, applicable for secured military/immigration/law enforcements, providing guided warning/rescue during emergencies and disasters.

Negotiating Privacy Concerns and Social Capital Needs in a Social Media Environment

Abstract: Social network sites (SNSs) are becoming an increasingly popular resource for both students and adults, who use them to connect with and maintain relationships with a variety of ties For many, the primary function of these sites is to consume and distribute personal content about the self Privacy concerns around sharing information in a public or semi-public space are amplified by SNSs’ structural characteristics, which may obfuscate the true audience of these disclosures due to their technical properties (eg, persistence, searchability) and dynamics of use (eg, invisible audiences, context collapse) (boyd 2008b) Early work on the topic focused on the privacy pitfalls of Facebook and other SNSs (eg, Acquisti and Gross 2006; Barnes 2006; Gross and Acquisti 2005) and argued that individuals were (perhaps inadvertently) disclosing information that might be inappropriate for some audiences, such as future employers, or that might enable identity theft or other negative outcomes

Do data breach disclosure laws reduce identity theft

Abstract: In the United States, identity theft resulted in corporate and consumer losses of $56 billion dollars in 2005, with up to 35 percent of known identity thefts caused by corporate data breaches. Many states have responded by adopting data breach disclosure laws that require firms to notify consumers if their personal information has been lost or stolen. Although the laws are expected to reduce identity theft, their effect has yet to be empirically measured. We use panel data from the U.S. Federal Trade Commission to estimate the impact of data breach disclosure laws on identity theft from 2002 to 2009. We find that adoption of data breach disclosure laws reduce identity theft caused by data breaches, on average, by 6.1 percent. © 2011 by the Association for Public Policy Analysis and Management.

Reduction of transaction fraud through the use of automatic centralized signature/sign verification combined with credit and fraud scoring during real-time payment card authorization processes

Abstract: A dynamic signature/sign biometric verification system for detecting and preventing fraudulent transactions is described. The system comprises remote digital signature/sign input devices, a means to extract spatial and temporal features from the signature, a means to transmit the signature/sign features along with customer identifier information to a centralized signature/sign verification authority, a means for combining signature/sign feature verification with other forms of fraud detection technology, and a means for transmitting the results of a signature/sign verification back to the remote location where the signature/sign was captured. The system was primarily developed for use in payment card industries (e.g. credit cards, debit cards) but has applicability to other centralized signature/sign verification applications such as Automated Teller Machine authorizations and other identity theft detection and monitoring services.

Heart Biometrics: Theory, Methods and Applications

Abstract: Automatic and accurate identity validation is becoming increasingly critical in several aspects of our every day lives such as in financial transactions, access control, traveling, healthcare and other. Traditional strategies to automatic identity recognition include items such as PIN numbers, tokens, passwords and ID cards. Despite the wide deployment of such tactics, the authenticating means is either entity or knowledge-based which rises concerns with regard to their ease of acquisition and use from unauthorized third parties. According to the latest The US Federal Commission Report, Frebruary 2010 (n.d.), in 2009 identity theft was the number one complaint category ( a total of 721,418 cases of consumer complaints). As identity theft can take different forms, credit card fraud was the most prominent (17%), followed by falsification of government documents (16%), utilities fraud (15%), employment fraud (13%) and other. Among these cases, true-identity theft constitutes only a small portion of the complaints, while ID falsification appears to be the greatest threat. Unfortunately, the technology for forgery advances without analogous counterfeit improvements. Biometric recognition was introduced as a more secure means of identity establishment. Biometric features are characteristics of the human body that are unique for every individual and that can be used to establish his/her identity in a population. These characteristics can be either physiological or behavioral. For instance, the face, the iris and the fingerprints are physiological features of the body with identifying information. Examples of behavioral features include the keystroke dynamics, the gait and the voice. The fact that biometric features are directly linked with the users presents an extraordinary opportunity to bridge the security gaps caused by traditional recognition strategies. Biometric features are difficult to steal or counterfeit when compared to PIN numbers or passwords. In addition, the convenience by which a biometric feature can be presentedmakes the respective systemsmore accessible and easy to use. However, biometric recognition has a drawback that rises from the nature of the authenticating modality. As opposed to static PIN numbers or passwords, biometric recognition may present false rejection since usually no two readings of the same biometric feature are identical. Anatomical, psychological or even environmental factors affect the appearance of the biometric feature at a particular instance. For instance, faces may be presented to the recognizers under various expressions, different lighting settings or with 10

The Dark Net: Self-Regulation Dynamics of Illegal Online Markets for Identities and Related Services

Abstract: Identity data, e.g. data to gain online access to computers, bank accounts, and credit card data, are traded in online marketplaces. This paper investigates the functioning of illegal online markets. These markets lack state regulation and the means to enforce agreements and the paper shows that they use alternative mechanisms to create trust among market participants. The sales outlets of illegal online markets are able to self-regulate the market and should be considered as a major device that makes cyber crime profitable.

Identity theft countermeasures

Abstract: In some embodiments, techniques for computer security comprise preventing and/or mitigating identity theft such as phishing.

The Boundaries Of Privacy Harm

Abstract: This Essay describes the outer boundaries and core properties of privacy harm, an important, unique, but chronically under-theorized injury. I argue that the vast majority of privacy harms fall into just two categories. The subjective category of privacy harm is the unwanted perception of observation. This category describes unwelcome mental states—anxiety, embarrassment, fear—that stem from the belief that one is being watched or monitored. Examples include everything from a landlord listening in on his tenants to generalized surveillance. The objective category of privacy harm is the unanticipated or coerced use of information concerning a person against that person. These are negative, external actions justified by reference to personal information. Examples include identity theft, the leaking of classified information that reveals an undercover agent, and the use of a drunk-driving suspect’s blood as evidence against him. The subjective and objective categories of privacy harm are distinct but related. Just as assault is the anticipation of battery, so is the unwanted perception of observation largely an apprehension about informationdriven consequences. The categories represent, respectively, the realization and consequence of a loss of control over personal information. The approach usefully uncouples privacy harm from privacy violations, demonstrating that each can occur without the other. It creates a “limiting principle” capable of revealing when another value—autonomy or equality, for instance—is more directly at stake, and a “rule of recognition” that permits the identification of a privacy harm when no other harm is apparent. Finally, the approach permits the sizing of privacy harm in novel ways, pointing the way toward a better science of privacy harm. * Senior Research Fellow, Stanford Center for Internet and Society, Lecturer in Law, Stanford Law School. My sincere thanks to Danielle Keats Citron, Daniel Solove, Chris Hoofnagle, Siva Vaidhynathan, Paul Ohm, Neil Richards, Katherine Strandburg, Woodrow Hartzog, “Dissent” and other participants at Privacy Law Scholars Conference 2010. Thanks also to Stefania Fusco, Samuel Bray, and Elizabeth Pollman for commenting on earlier drafts. Thanks to Katherine Merriam for research assistance.

How Much is the Public Willing to Pay to be Protected from Identity Theft

Abstract: Identity theft has become one of the most ubiquitous crimes in the USA with estimates of the number of households being victimized annually ranging between 5% and 25%, resulting in direct losses totaling hundreds of billions of dollars over the past few years. Government efforts to combat identity theft have included legislation criminalizing and increasing penalties as well as regulatory efforts designed to protect individual identifying information held by financial and other business organizations. At the same time, individuals are taking their own preventive actions and purchasing private protection such as credit monitoring and identity theft insurance services. We use data from a large sample of residents from four states (Illinois, Louisiana, Pennsylvania, and Washington) in order to assess the public's willingness to pay (WTP) for a government program designed to reduce identify theft under two separate conditions, one promising a 25% reduction in identity theft and the other promising a 75% reduc...

Information Security Activities of College Students: An Exploratory Study

Abstract: INTRODUCTION Communication, instruction, registration, advising, and administrative functions at institutions of higher education are increasingly conducted through technology-mediated communication (Allen & Seaman, 2010; Chueng & Huang, 2005; Jones, Johnson-Yale, Perez & Schuler, 2007; Salas & Alexander, 2008), including email (Jones, 2008; S. Jones, et al., 2007; Weiss & Hanson-Baldauf, 2008), blogs (Nackerud & Scaletta, 2008), learning management systems (Hawkins & Rudy, 2007; Jacob & Issac, 2008), and social media (Allen & Seaman, 2009; Ashraf, 2009; Ellison, 2007; Gilroy, 2010; Rosen & Nelson, 2008; Saeed, Yang, & Sinnappan, 2009). Traditional data centers and corporate networks administrators control the types of data permitted on their networks and the methods used to access data. Because web sites and programs use the same port as a user's Web browser, hackers and cyber criminals often attempt to bypass security controls on computer networks. Thus, corporate network administrators often ban users from accessing private email accounts, instant messenger programs, and social networking sites, such as Twitter, MySpace, and Facebook (Brodkin, 2008). High school networks also commonly block access to these sites and filter email for malware and other unwanted content (Waters, 2007). Because institutions of higher education openly share a substantial amount of information and data, web sites are rarely banned and message content is not filtered, increasing the likelihood that students will encounter hackers or identity thieves while using institutional networks (Allison & DeBlois, 2008; Ziobron, 2003). While institutions of higher education prepare students for professional careers (Cheung & Huang, 2005), effective information security awareness training has taken a back seat as prospective employers are expected to accept responsibility for training of college graduate hires (Okenyi & Owens, 2007; Turner, 2007). However, this approach is ineffective as sound IT security practices continue to fall through the cracks. Regardless of a student's vocational goals, colleges and universities must take a proactive approach to educate students about the potential risks associated with Internet usage and message security, as reported dollar losses from Internet crime have reached new highs (Internet Crime Complaint Center, 2009). The need to plan, develop and implement IT security awareness training is crucial to ensure the security of student, faculty, and institutional data and information (The Campus Computing Project, 2007). In order to adequately develop training, a profile of end-user college student security attitudes and behaviors must be determined. Do information security attitudes and behaviors of college students differ based on factors such as age, gender, ethnicity, classification level, academic major, identity theft victimization, and use of computer security tools? Also, does the effective use of computer security tools differ based on factors such as age, gender, ethnicity, classification level, academic major, identity theft victimization, installation of PC anti-virus software, or installation of PC anti-spyware software? The present study explores information security attitudes and behaviors of college students, and their use of computer security tools. The paper also highlights end-user security awareness practices to promote a better understanding of information security given the inherent dangers in the virtual world, and discusses strategies that institutions can employ to better protect personal information and data. LITERATURE REVIEW Human-caused security threats lurking in virtual spaces are ever-evolving. Under the Clery Act, university campuses are required to release yearly crime statistics on crimes including aggravated assault, burglary, theft, vandalism, and driving under the influence ("The Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act" [Clery Act], 1990). …

Stealing Reality: When Criminals Become Data Scientists (or Vice Versa)

Abstract: Stealing-reality attacks attempt to steal social network and behavioral information through data collection and inference techniques, making them more dangerous than other types of identity theft.

The ultimate invasion of privacy: Identity theft

Abstract: Identity theft has become one of the fastest growing crimes. Most people are unaware of the amount of data they disclose over all the Internet services proposed by search engines, social networking sites, e-commerce web sites, free online tools, etc. They are also unaware that this data can be easily aggregated, data-mined and linked together, which may lead to a potential identity theft should it fall into the wrong hands. If one adds up all of his online searching, communicating, shopping, browsing, blogging, chatting, reading and news sharing, one would realize that one revealed a complete picture of oneself and perhaps some information about his relatives, friends, colleagues, employer, etc. The potential value of this data is considerable for criminals. This paper deals with identity theft and all the issues raised by this type of computer crime. More precisely, it illustrates the variety of information that hackers may want to sift through, the attacks that they may perform and the locations where they can find the information.

System And Method For Mobile Identity Protection of a User of Multiple Computer Applications, Networks or Devices

Abstract: An automated system and method for authenticating entities or individuals engaging in automated or electronic transactions or activities such as financial transactions, accessing computer applications, computer software, data networks or other automated or electronic devices requiring identity verification is provided. A unique Personal Identity Value is computed and stored in an Identity Register for the entity or individual and may be used for a variety of applications including recognizing incidents of identity theft. This Personal Identity Value is based on one or more computer logic resources that incorporate the relationship among a variety of identification information elements and parameters associated with the entity or individual, such as the entity's or individual's wireless device location, the entity's or individual's home location, other associated locations, automated activities engaged in and applications accessed.

A Framework for Predicting Phishing Websites Using Neural Networks

Abstract: In India many people are now dependent on online banking. This raises security concerns as the banking websites are forged and fraud can be committed by identity theft. These forged websites are called as Phishing websites and created by malicious people to mimic web pages of real websites and it attempts to defraud people of their personal information. Detecting and identifying phishing websites is a really complex and dynamic problem involving many factors and criteria. This paper discusses about the prediction of phishing websites using neural networks. A neural network is a multilayer system which reduces the error and increases the performance. This paper describes a framework to better classify and predict the phishing sites using neural networks.

Poster: preliminary analysis of Google+'s privacy

Abstract: In this paper we provide a preliminary analysis of Google+ privacy. We identified that Google+ shares photo metadata with users who can access the photograph and discuss its potential impact on privacy. We also identified that Google+ encourages the provision of other names including maiden name, which may help criminals performing identity theft. We show that Facebook lists are a superset of Google+ circles, both functionally and logically, even though Google+ provides a better user interface. Finally we compare the use of encryption and depth of privacy control in Google+ versus in Facebook.

Generating an Identity Theft Score

Abstract: A system for generating an identity theft score is disclosed. The system may identify consumers who have experienced identity theft during a historical time period, generate an identity theft risk model based upon the plurality of consumers who have experienced identity theft, and generate an identity theft score for an individual consumer based upon the identity theft risk model and data associated with the individual consumer. The identity theft risk model may comprise a regression model, and the identity theft score may represent a probability that the individual consumer will experience identity theft during a future time period.

A phishing analysis of web based systems

Abstract: Phishing is form of identity theft that uses the social engineering techniques and sophisticated attack vectors to harvest financial information from unsuspecting consumers. It is a kind of attack in which phishers use spoofed emails and fraudulent web sites to trick people into giving up personal information. Victims perceive these emails as trusted, while in reality they are the work of phishers interested in identity theft. Web site phishing attacks usually start with an e-mail that arrives in the victim's mailbox pretending to be a legitimate and known entity. Usually, the mail claims some urgent steps to be taken by the user to avoid blocking of user account and direct him to a web page asking him to enter private information. But the web page is not legitimate and has no association with the organization it claims to be. Hence, the number of phishing fraud is continuing to grow, and the costs of the damages caused are increasing day by day. Therefore, there is the urgent need for anti-phishing solutions and recently have been identified, a number of solutions to mitigate phishing attacks have been proposed.

Online identity theft – an Indian perspective

Abstract: Purpose – Today almost all businesses are connected online and net banking has becoming a buzzword. The concept of identity theft which was more known in the Western world is making its presence felt in developing economies like India. In this context, the purpose of this paper is to review the current scenario of phishing attacks in India and provide some countermeasures that can be adopted by online firms to fight this kind of attack.Design/methodology/approach – A few statistics related to the phishing attacks worldwide are compared with India's to gauge the severity of the problem. Security measures adopted by a few banks worldwide are reviewed and are compared with their counterparts in India. In the end, some guidelines are furnished on how to tackle the situation.Findings – There has been an increase in identity theft in the last few years which could pose a serious problem in the future, resulting in loss of trust by the customer towards net banking. Most of the Indian banks are taking initiatives...

Methods and systems for secured global applications using customer-controlled instant-response anti-fraud/anti-identity theft devices with or without nfc component

Abstract: Wireless mobile devices, methods and systems dedicated to achieve greater customer control for protection against identity fraud/theft and medical/health insurance fraud, able to curtail any and/or most or all unauthorized and fraudulent usage of legitimate a person's identity.

Implementing a Web Browser with Phishing Detection Techniques

Abstract: Phishing is the combination of social engineering and technical exploits designed to convince a victim to provide personal information, usually for the monetary gain of the attacker. Phishing has become the most popular practice among the criminals of the Web. Phishing attacks are becoming more frequent and sophisticated. The impact of phishing is drastic and significant since it can involve the risk of identity theft and financial losses. Phishing scams have become a problem for online banking and e-commerce users. In this paper we propose a novel approach to detect phishing attacks. We implemented a prototype web browser which can be used as an agent and processes each arriving email for phishing attacks. Using email data collected over a period time we demonstrate data that our approach is able to detect more phishing attacks than existing schemes.

Innovating government : Normative, policy and technological dimensions of modern government

Abstract: 1 Innovating Government - an introduction to the book.- Part I Normative and ethical dimensions .- 2 Privacy 3.0.- 3 Normative assumptions in biometrics - on bodily differences and automated classifications.- 4 Electronic exchange of signals on youth at risk - a value perspective.- 5 Regulating invisible harms.- Part II Policy dimensions - Democracy .- 6 The single point of failure.- 7 Electronic voting: Approaches, strategies, and policy issues - a report from Switzerland.- 8 Striving behind the shadow - the dawn of Spanish politics 2.0.- Part III Policy dimensions - Surveillance .- 9 The normality of living in surveillance societies.- 10 The evolution of new technologies of surveillance in children's services in England.- 11 Electronic Child Records in the Netherlands - a legitimate path to right wrongs?.- 12 Legitimacy issues regarding citizen surveillance - the case of ANPR-technology in Dutch policing.- 13 The introduction of biometrics in the Netherlands - an evaluation under data protection and administrative law.- Part IV Legal dimensions - EU Law perspectives.- 14 The use of biometrics at the borders - a European policy and law perspective.- 15 Privacy and data protection aspects of e-government identity management.- 16 eHealth from a Dutch perspective.- 17 Implementation of the EU Services Directive: on eGovernment in a decentralized unitary state .- 18 The impact of Europe on geo-information.- Part V Legal dimensions - Techno-legal perspectives .- 19 Sharing information between government agencies - some legal challenges associated with semantic interoperability.- 20 Public information infrastructures and identity fraud.- 21 Access to law in Europe.- Part VI Legal dimensions - Law and philosophy perspective .- 22 Identity theft and fraud.- Part VII Technological dimensions .- 23 Biometrics and smart cards in identity management.- 24 How devices transform voting.- Part VIII Synthesis .- 25 A Brave New Government?

How to protect and minimize consumer risk to identity theft

Abstract: Purpose – The purpose of this paper is to present and explain the identity theft cycle. The identity theft cycle explains how a perpetrator goes through various stages of confidence and experimentation when stealing an individual's identity.Design/methodology/approach – The paper takes a conceptual approach by first describing identity theft in detail and then discussing the seriousness of identity theft for consumers today. The paper then presents and explains the identity theft cycle in greater detail including the stages of discovery, action, and trial.Findings – The paper provides evidence to suggest that if identity theft is detected early, consumers can protect themselves from the vast and difficult consequences of identity theft.Originality/value – This paper fulfills an important area of research by providing basic information about the nature of identity theft. This paper also discusses the various ways that perpetrators steal consumers' information, as well as teaches consumers how to proactivel...

An Investigation of Bluetooth Security Threats

Abstract: Bluetooth, which offers users the mobility to convenient, low-cost, short-ranged connections with up to seven other Bluetooth-enabled devices, has been widely adopted especially by young adults. However, Bluetooth-enabled networks have similar security weaknesses as any other digital networks. Instilling security awareness and implementing preventive measures, responsibilities of both the device manufacturers and the users, are essential to prevent harmful security breaches that may affect data and financial loss as a consequence of identity theft. This paper investigates students' awareness and perception of Bluetooth security threats, and whether they are able to take preventive measures to protect security threats.

The Influence of Interactivity on E-service Offerings: An Empirical Examination of Benefits and Risks

Abstract: News reports of Internet-based security breaches, identity theft, fraud, and other dangers may increase the perceived risk and decrease the perceived benefits of using electronic services (or e-services). We examine whether interactivity serves as a means to diminish the perceived risks and increase the perceived benefits of using e-services. To examine interactivity‟s influence on consumers‟ perceptions, we conducted a laboratory experiment using a simulated web-based, online payment system. When compared to a non-interactive preview of an online payment system, we found that consumers who used an interactive e-service simulation reported higher perceived involvement and authenticity as well as higher intangibility and risks of e-services. Further, we found that interactivity moderated relationships such that consumers were more likely to report higher intentions to use eservices. The paper concludes with implications for research and practice.

Security Status of VoIP Based on the Observation of Real-World Attacks on a Honeynet

Abstract: VoIP (Voice over IP) systems are more and more replacing PSTN (Public Switched Telephone Network) infrastructures. This increases the dependency on available and secure VoIP systems for successful business. Attacks against VoIP systems are becoming more imaginative and many attacks can cause damage, e.g., gain money for attackers or create costs for the victim. Therefore, in this paper the current security status of VoIP systems is described by analyzing real-world attacks collected in a honey net solution. In order to get the results, a classification, an analysis and a validation of the collected data were performed. The achieved results deliver information about Identity Theft, Malformed Messages, Fraudulent Calls as well as Attacker Behaviors and can help to adapt existing prevention systems to avoid the recognized and analyzed attacks in a productive environment.

Is that you? Authentication in a network without identities

Abstract: Most networks require that their users have 'identities', i.e., have names that are fixed for a relatively long time, unique, and have been approved by a central authority (in order to guarantee their uniqueness). Unfortunately, this requirement, which was introduced to simplify the design of networks, has its own drawbacks. First, this requirement can lead to the loss of anonymity of communicating users. Second, it can allow the possibility of identity theft. Third, it can lead some users to trust other users who may not be trustworthy. In this paper, we argue that networks can be designed without user identities and their drawbacks.

Linking the Popularity of Online Trading with Consumers' Concerns for Reputation and Identity Theft

Abstract: Although online trading has its benefits, such as convenience and the ability to compare prices online, there are still many concerns about the integrity of the buyer, the seller and/or the online action service provider OASP. This paper investigates these relationships via multivariate statistical analysis of a stratified sample of working professionals, resulting in 198 useable questionnaires from an initial sampling frame of over 550 professional personnel from five relatively large Pittsburgh, Pennsylvania, firms. The author found that buyers that felt feedback systems were viable were more willing to engage in online trading activities and pay a premium price for merchandise being sold by a seller with a better reputation, regardless of gender. Customers were especially concerned with the total price, including shipping cost, regardless of gender. In terms of the convenience of payment method, electronic forms were preferred in transacting online trading activities, regardless of age and gender.

Identity Theft and Fraud

Abstract: There are many different forms of identity theft. In 2004, I fell victim to one of the more common ones, debit card fraud. Someone had managed to copy my debit card and had also acquired my pin code. Presumably through a modified ATM, fitted with a card reader and a small hidden camera. Using the copied debit card and spied pin code, this person then managed to empty my entire checking’s account at various ATM’s abroad, in France and Italy. I had an overdraft facility, and the criminal was more than happy to take full advantage of that as well. Overnight, the little credit I had with the bank was converted into a 1,000 € debt.

Consumer identity theft prevention and identity fraud detection behaviours

Abstract: Purpose – The purpose of this paper is to investigate consumer behaviour as it relates to identity theft and fraud.Design/methodology/approach – Using survey data, this paper models the relationship between past experience of consumers and their levels of concern, and derives the principal components that make up consumer behaviours.Findings – The components are physical prevention measures, account monitoring, agency monitoring, password security, and risky behaviour avoidance. These components were found to be almost orthogonal, implying that consumers tend to “buy into” a particular component of behaviour. The proposed model of consumer behaviour, while statistically significant, did not have high predictive value.Research limitations/implications – The survey data used were collected without reference to the model used in this paper, which limits the efficacy of the model.Practical implications – Consumers use all the behaviours in one component without regard to other components. This can leave “hole...

Using Artificial Intelligence Techniques to Implement a Multifactor Authentication System

Abstract: The recent years have seen a rise in the number of cases of cyber-crime committed through identity theft and fraud. To address this problem, this paper uses adaptive neural-fuzzy inference system, fuzzy logic and artificial neural network to implement a multifactor authentication system through a technique of information fusion. To begin with, the identity attributes are mined using the three corpora from three major sources namely the social networks, a set of questionnaires and application forms from the various services offered both in the real and cyberspace. The statistical information generated by the corpora is then used to compose an identity attribute metric model. The composed identity attributes metrics values classified as biometrics, device metrics and pseudo metrics are then fused at the score level through a technique of information fusion in a multifactor authentication system by using each of the above artificial intelligence technologies and the results compared.