Showing papers on "Identity theft published in 2020"

A Survey of Fintech Research and Policy Discussion

Abstract: The intersection of finance and technology, known as fintech, has resulted in the dramatic growth of innovations and has changed the entire financial landscape. While fintech has a critical role to play in democratizing credit access to the unbanked and thin-file consumers around the globe, those consumers who are currently well served also turn to fintech for faster services and greater transparency. Fintech, particularly the blockchain, has the potential to be disruptive to financial systems and intermediation. Our aim in this paper is to provide a comprehensive fintech literature survey with relevant research studies and policy discussion around the various aspects of fintech. The topics include marketplace and peer-to-peer lending; credit scoring; alternative data; distributed ledger technologies; blockchain; smart contracts; cryptocurrencies and initial coin offerings; central bank digital currency; robo-advising; quantitative investment and trading strategies; cybersecurity; identity theft; cloud computing; use of big data, artificial intelligence. and machine learning; identity and fraud detection; anti-money laundering; Know Your Customers; natural language processing; regtech; insuretech; sandboxes; and fintech regulations.

A Recent Survey on Multimedia and Database Watermarking

Abstract: In today’s digital era, it is very easy to copy, manipulate and distribute multimedia data over an open channel. Copyright protection, content authentication, identity theft, and ownership identification have become challenging issues for content owners/distributors. Off late data hiding methods have gained prominence in areas such as medical/healthcare, e-voting systems, military, communication, remote education, media file archiving, insurance companies, etc. Digital watermarking is one of the burning research areas to address these issues. In this survey, we present various aspects of watermarking. In addition, various classification of watermarking is presented. Here various state-of-the-art of multimedia and database watermarking is discussed. With this survey, researchers will be able to implement efficient watermarking techniques for the security of multimedia and database.

Establishing a Zero Trust Strategy in Cloud Computing Environment

Abstract: The increased use of cloud services and its various security and privacy challenges such as identity theft, data breach, data integrity and data confidentiality has made trust management, which is one of the most multifaceted aspect in cloud computing, inevitable. The growing reputation of cloud computing technology makes it immensely important to be acquainted with the meaning of trust in the cloud, as well as identify how the customer and the cloud service providers establish that trust. The traditional trust management mechanisms represent a static trust relationship which falls deficit while meeting up the dynamic requirement of cloud services. In this paper, a conceptual zero trust strategy for the cloud environment has been proposed. The model offers a conceptual typology of perceptions and philosophies for establishing trust in cloud services. Further, importance of trust establishment and challenges of trust in cloud computing have also been explored and discussed.

Comprehensive Review of Cybercrime Detection Techniques

Abstract: Cybercrimes are cases of indictable offences and misdemeanors that involve computers or communication tools as targets and commission instruments or are associated with the prevalence of computer technology. Common forms of cybercrimes are child pornography, cyberstalking, identity theft, cyber laundering, credit card theft, cyber terrorism, drug sale, data leakage, sexually explicit content, phishing, and other forms of cyber hacking. They mostly lead to a privacy breach, security violation, business loss, financial fraud, or damage in public and government properties. Thus, this study intensively reviews cybercrime detection and prevention techniques. It first explores the different types of cybercrimes and discusses their threats against privacy and security in computer systems. Then, it describes the strategies that cybercriminals may utilize in committing these crimes against individuals, organizations, and societies. It also reviews the existing techniques of cybercrime detection and prevention. It objectively discusses the strengths and critically analyzes the vulnerabilities of each technique. Finally, it provides recommendations for the development of a cybercrime detection model that can detect cybercrimes effectively compared with the existing techniques.

Data Hiding: Current Trends, Innovation and Potential Challenges

Abstract: With the widespread growth of digital information and improved internet technologies, the demand for improved information security techniques has significantly increased due to privacy leakage, identity theft, illegal copying, and data distribution. Because of this, data hiding approaches have received much attention in several application areas. However, those approaches are unable to solve many issues that are necessary to measure in future investigations. This survey provides a comprehensive survey on data hiding techniques and their new trends for solving new challenges in real-world applications. The notable applications are telemedicine, 3D objects, mobile devices, cloud/distributed computing and data mining environments, chip and hardware protection, cyber physical systems, internet traffic, fusion of watermarking and encryption, joint compression and watermarking, biometric watermarking, watermarking at the physical layer, and many other perspectives. Further, the potential issues that existing approaches of data hiding face are identified. I believe that this survey will provide a valuable source of information for finding research directions for fledgling researchers and developers.

SSIBAC: Self-Sovereign Identity Based Access Control

Abstract: Ineffective data management practices pose serious issues to individuals and companies, e.g., risk of identity theft and online exposure. Self-sovereign identity (SSI) is a new identity management approach that ensures users have full control of their personal data. In this work, we alleviate data breach and user privacy problems by showing how SSI can fit within the context of established enterprise identity and access management technologies. In light of recent endeavors, we explore the use of decentralized identifiers, verifiable credentials, and blockchains that support SSI. We propose Self-Sovereign Identity Based Access Control (SSIBAC), an access control model for cross-organization identity management. SSIBAC leverages conventional access control models and blockchain technology to provide decentralized authentication, followed by centralized authorization. The access control process does not require storing user sensitive data. A prototype was implemented and evaluated, processing 55,000 access control requests per second with a latency of 3 seconds.

Examining the Adoption and Abandonment of Security, Privacy, and Identity Theft Protection Practices

Abstract: Users struggle to adhere to expert-recommended security and privacy practices. While prior work has studied initial adoption of such practices, little is known about the subsequent implementation and abandonment. We conducted an online survey (n=902) examining the adoption and abandonment of 30 commonly recommended practices. Security practices were more widely adopted than privacy and identity theft protection practices. Manual and fully automatic practices were more widely adopted than practices requiring recurring user interaction. Participants' gender, education, technical background, and prior negative experience are correlated with their levels of adoption. Furthermore, practices were abandoned when they were perceived as low-value, inconvenient, or when users overrode them with subjective judgment. We discuss how security, privacy, and identity theft protection recommendations and tools can be better aligned with user needs.

Identifying phishing attacks in communication networks using URL consistency features

Abstract: Phishing is a fraudulent attempt by cybercriminals, where the target audience is addressed by a text message, phone call or e-mail, requesting classified and sensitive information after presenting himself/herself as a legitimate agent. Successful phishing attack may result into financial loss and identity theft. Identifying forensic characteristics of phishing attack can help to detect the attack and its perpetuators and as well as to enable defence against it. To shield internet users from phishing assaults, numerous anti-phishing models have been proposed. Currently employed techniques to handle these challenges are not sufficient and capable enough. We aim at identifying phishing sites in order to guard internet users from being vulnerable to any form of phishing attacks by verifying the conceptual and literal consistency between the uniform resource locator (URL) and the web content. The implementation of the proposed PhishDetect method achieves an accuracy of 99.1%; indicating that it is effective in detecting various forms of phishing attacks.

Towards Airbnb-Like Privacy-Enhanced Private Parking Spot Sharing Based on Blockchain

Abstract: Private parking spot sharing can help relieve the parking problem due to insufficient public parking facilities in big cities. Meanwhile, users who share parking spots can also benefit, either by getting a free parking spot or by obtaining a parking fee payment. However, when users are sharing their private parking spots, their privacy is inevitable to be disclosed. This could put these parking spots owners into some unnecessary inconveniences, such as identity theft. Existing private parking spot sharing schemes either do not consider privacy issues. Or, when privacy is taken into account, they assume the existence of a trusted third party. To address these issues, we propose a privacy-enhanced private parking spot sharing scheme without trusted third parties. Specifically, we use market design method to share parking spots. We achieve enhanced privacy with decentralized anonymous credentials and confidential anonymous payment with a variant Monero. Extensive analysis confirms the security and privacy protection of the proposed scheme. Performance evaluation shows that the proposed scheme has moderate computational costs and communication overhead.

The Physical and Emotional Toll of Identity Theft Victimization: A Situational and Demographic Analysis of the National Crime Victimization Survey

Abstract: The present study investigates the physical and emotional consequences of suffering an identity-related criminal victimization. In addition to reporting the extent and nature of these consequences,...

SDN-Based Security Enforcement Framework for Data Sharing Systems of Smart Healthcare

Abstract: As novel healthcare paradiagm, smart healthcare can provide more efficient and high quality medical services for patients. However, smart healthcare needs patients to share their physiological information for online diagnoses, if the data sharing system of smart healthcare lacks effective security mechanisms, these sensitive information might be abused by illegal or malicious users. Moreover, smart healthcare needs to confront some brand-new challenges, such as resource-constrained IoT things, identity theft attacks and insider attacks. To tackle these problems, we propose a SDN-based security enforcement framework for data sharing systems of smart healthcare. In our framework, each patient has a dedicated virtual machine in data sharing system, each virtual machine provides a group data services which can be released to those authorized service consumers or IoT things. In additon, virtual machine is protected by the SDN-based gateway which provides a firewall mechanism and guarantees only authorized things can access patient’s virtual machine. Since each thing has a unique MAC address, thus our framework can effectively authenticate resource-constrained IoT things and tackle the problems caused by identity theft. To validate the effectiveness and feasibility of our framework, we implement an experimental system using POX controller and Mininet emulator. The experimental results illustrate our framework is effective under different test scenarios. As increasing the scale of information flow model, the framework can still work well and its performance can be still acceptable.

Risk and protective factors of identity theft victimization in the United States.

Abstract: Identity theft victimization is associated with serious physical and mental health morbidities. The problem is expanding as society becomes increasingly reliant on technology to store and transfer personally identifying information. Guided by lifestyle-routine activity theory, this study sought to identify risk and protective factors associated with identity theft victimization and determine whether individual-level behaviors, including frequency of online purchasing and data protection practices, are determinative of victimization. Data from sequential administrations of the U.S. National Crime Victimization Survey–Identity Theft Supplement (ITS) in 2012 and 2014 were combined (N = 128,419). Using multivariable logistic regression, risk and protective factors were examined for three subtypes: 1) unauthorized use of existing credit card/bank accounts, and unauthorized use of personal information to 2) open new accounts, or 3) engage in instrumental activities (e.g., applying for government benefits, receiving medical care, filing false tax returns). Existing credit card/bank accounts and new accounts identity theft victimization were associated with higher levels of online purchasing activity and prior identity theft victimization. All identity theft subtypes were associated with government/corporate data breaches and other crime victimization experiences. Routine individual-level preventive behaviors such as changing online passwords and shredding/destroying documents were protective. Identity theft subtypes showed divergent socio-demographic risk/protective profiles, with those of higher socioeconomic status more likely to be victims of existing credit card/bank account identity theft. Identity theft is a pervasive, growing problem with serious health and psychosocial consequences, yet individuals can engage in specific protective behaviors to mitigate victimization risk.

Past the Privacy Paradox: The Importance of Privacy Changes as a Function of Control and Complexity

Abstract: The privacy paradox is often characterized as a risk-benefit trade-off. Risks like identity theft, invasions of privacy, and online harassment compete with benefits like social need fulfill...

Blockchain and the Identity based Encryption Scheme for High Data Security

Abstract: Using the blockchain technology to store the privatedocuments of individuals will help make data more reliable and secure, preventing the loss of data and unauthorized access. The Consensus algorithm along with the hash algorithms maintains the integrity of data simultaneously providing authentication and authorization. The paper incorporates the block chain and the Identity Based Encryption management concept. The Identity based Management system allows the encryption of the user’s data as well as their identity and thus preventing them from Identity theft and fraud. These two technologies combined will result in a more secure way of storing the data and protecting the privacy of the user.

Risk Perceptions on Social Media Use in Norway

Abstract: Social media are getting more and more ingrained into everybody’s lives. With people’s more substantial presence on social media, threat actors exploit the platforms and the information that people share there to deploy and execute various types of attacks. This paper focuses on the Norwegian population, exploring how people perceive risks arising from the use of social media, focusing on the analysis of specific indicators such as age, sexes and differences among the users of distinct social media platforms. For data collection, a questionnaire was structured and deployed towards the users of multiple social media platforms (total n = 329). The analysis compares risk perceptions of using the social media platforms Facebook (n = 288), Twitter (n = 134), Reddit (n = 189) and Snapchat (n = 267). Furthermore, the paper analyses the differences between the sexes and between the digital natives and non-natives. Our sample also includes sufferers of ID theft (n = 50). We analyse how account compromise occurs and how suffering ID theft changes behaviour and perception. The results show significant discrepancies in the risk perception among the social media platform users across the examined indicators, but also explicit variations on how this affects the associated usage patterns. Based on the results, we propose a generic risk ranking of social media platforms, activities, sharing and a threat model for SoMe users. The results show the lack of a unified perception of risk on social media, indicating the need for targeted security awareness enhancement mechanisms focusing on this topic.

Evaluation of Key Security Issues Associated with Mobile Money Systems in Uganda

Abstract: Smartphone technology has improved access to mobile money services (MMS) and successful mobile money deployment has brought massive benefits to the unbanked population in both rural and urban areas of Uganda. Despite its enormous benefits, embracing the usage and acceptance of mobile money has mostly been low due to security issues and challenges associated with the system. As a result, there is a need to carry out a survey to evaluate the key security issues associated with mobile money systems in Uganda. The study employed a descriptive research design, and stratified random sampling technique to group the population. Krejcie and Morgan’s formula was used to determine the sample size for the study. The collection of data was through the administration of structured questionnaires, where 741 were filled by registered mobile money (MM) users, 447 registered MM agents, and 52 mobile network operators’ (MNOs) IT officers of the mobile money service providers (MMSPs) in Uganda. The collected data were analyzed using RStudio software. Statistical techniques like descriptive analysis and Pearson Chi-Square test was used in data analysis and mean (M) > 3.0 and p-value < 0.05 were considered statistically significant. The findings revealed that the key security issues are identity theft, authentication attack, phishing attack, vishing attack, SMiShing attack, personal identification number (PIN) sharing, and agent-driven fraud. Based on these findings, the use of better access controls, customer awareness campaigns, agent training on acceptable practices, strict measures against fraudsters, high-value transaction monitoring by the service providers, developing a comprehensive legal document to run mobile money service, were some of the proposed mitigation measures. This study, therefore, provides a baseline survey to help MNO and the government that would wish to implement secure mobile money systems.

Blockchain Transforming Cyber-Attacks: Healthcare Industry

Abstract: Cyber-attacks mean those attacks launched on online users who are not security conscious either by using a computer network (spamming, phishing, etc.) Or as a tool to engage in criminal activities (cyberstalking or inside man, etc.). Cyber-attacks are on the increase thereby making cybersecurity a challenging task in this digital age. The Healthcare industry, been one of the largest industry has been facing a lot of cyber-attacks challenges ranging from malware attacks, Distributed Denial-of-Service (DDoS) attacks, and so on thereby leading to identity theft, data manipulation from an unauthorized entity. Electronic healthcare records are sensitive information that contains patient's personal information like name medication histories, lab reports, payment details, contact and home address which have to be shared among healthcare providers need to be efficiently secured from attacks. But the standard cybersecurity platform which is currently used by the healthcare industry to preserve information has a lot of flaws thereby rendering medical records venerable to cyber-attack. To address this problem there is a need to change the standard cybersecurity platform on the healthcare industry to blockchain-based security, which is one of the best solutions to cyber-attacks. We have done an in-depth analysis of cyber-attacks in the context of four stages and types of cyber-attacks threats. Blockchain technology can transform the healthcare industry by engaging with its Hyperledger fabric technology which will guarantee optimal security against all sorts of cyber-attacks. This paper will highlight how blockchain will transform cyber-attacks on the healthcare industry and with the recommendation of blockchain technology as a solution to cyber-attacks

Healthcare Biometrics Security and Regulations: Biometrics Data Security and Regulations Governing PHI and HIPAA Act for Patient Privacy

Abstract: The digitizing medical record has seen a pattern shift in the healthcare industry which increases the data in terms of complexity, diversity, and timeliness. Healthcare industry is encounters crucial threat owing to security breaches of healthcare databases. The patients were provided to destitution due to scamming data and stolen information by medical identity theft like data breaches are not influenced patients who are PHI (Protected Health Information) and PII (Personally Identifiable Information) but healthcare institutions. Automated health care system introducing personal and electronic health records (PHRs and EHRs) increase more data risk which advises privacy and security policies measures. Biometrics need in healthcare industry is increasing in the worldwide healthcare market. This paper identifies the healthcare data breaches and their primary causes with the role of PHI and HIPAA Act for dissuading data breaches. HIPAA Privacy Rule provides policies and standards to preserve Protected Health Information (PHI) of individuals held by the entities. In biometric market HIPAA Act enforces various needs to preserve confidentiality and privacy of patient information attained from healthcare facilities to develop fulfillment for dealing various principles.

A structured review and theme analysis of financial frauds in the banking industry

Abstract: Organizations of all types are vulnerable to frauds. Banks contribute to a significant extent in a country’s economic development by generating a large part of revenue in the service sector. Deterrence of fraud is impossible without understanding it. The present study attempts to extract themes by highlighting the major areas of the bank fraud literature within a specific time frame of 2000–2019 and finding the research gaps citing the future scope for research. Post the review of existing literature, using thematic analysis, two major themes were observed by the author, namely, “regulatory and compliance”–based studies and studies related to the “socio psychological” aspect of the literature. An examination of themes indicated that the popularity of the research areas shifted from accounting frauds or balance sheet frauds in early 2000s to areas such as cyber frauds and identity theft at the later decade. The present study paves way forward for future research on the bank customer’s vigilance, experiences and perspectives on frauds. Other significant areas of research include coping mechanisms with the various challenges faced by banks in marketing themselves after any major fraud occurrence.

A survey on biometric authentication systems in cloud to combat identity theft

Abstract: Biometrics has by far proven to be an effective solution for many of the security challenges that is prevalent in most of the technical fields in this Digital era. It is the measurement of physical or behavioral traits in humans used for unique identification. Biometricsuses the pattern recognition technology of Digital Image Processing for identifying unique features in humans. Most commonly applied or considered biometric modalities comprise fingerprint impression, facial landmarks, iris anatomy, speech recognition, hand writing detection, hand geometry recognition, Finger vein detection and signature identification. Biometric technology is applied in various fields, Security systems being one among them. This paper presents a thorough survey on how biometrics can be effectively applied to eliminate oneof the cloud security issue, identitytheft. Awide range of biometric authentication system protocols and implementations in cloud environment, especially to combat identity theft have been proposed earlier.

The identity theft response system

Abstract: Identity theft continues to grow in prevalence and complexity. Despite this growth, little is known about the identity theft response system and how it assists victims to recover. This study examin...

Data sovereigns for the world economy

Abstract: With the rise of data capital and its instantaneous economic effects, existing data-sharing agreements have become complicated and are insufficient for capitalizing on the full value of the data resource. The challenge is to figure out how to derive benefits from data via the right to data portability. Among these, data ownership issues are complex and currently lack a concept that enables the right to data portability, is conducive to the free flow of cross-border data, and assists in the economic agglomeration of cyberspace. We propose defining the term “data sovereign” as a person or entity with the ability to possess and protect the data. First, the word “sovereign” is borrowed from the fundamental economic notion of William H. Hutt’s “consumer sovereignty.” This notion of sovereignty is strengthened by Max Weber’s classic definition of “power” – the ability to possess any resource. We envision that data capital would provide greater “cross-border” convenience for engaging in transactions and exchanges with very different cultures and societies. In our formulation, data sovereign status is achieved when one both possesses the data and can defend any attack on that data. Using “force” to protect data does not imply an abandonment of data sharing. Rather, it should be easy for an organization to enable the sharing of data and data products internally or with trusted partners. Examples of an attack on the data might be a data breach scandal, identity theft, or data terrorism. In the future, numerous tedious, time-consuming, non-artistry, manual occupational tasks can be replaced by data products that are part of a global data economy.

Trust and Compliance Effects of Taxpayer Identity Theft: A Moderated Mediation Analysis

Abstract: We experimentally investigate how tax authority responsibility for preventing identity theft and tax authority responsiveness following identity theft influence taxpayers' trust in the tax...

Identity theft: a small step towards big financial crimes

Abstract: This paper aims to study the concept of identity fraud and how these identity thefts can actually lead to financial crime. These crimes which usually were done in the traditional way now have taken leaps with the increase in the use of cyber world.,Several research papers, articles and newsfeeds were referred to study the concept, growth, scope, effect and impact of identity theft. It was also found that identity theft is the most common type of cybercrimes.,Identity theft though a simple crime but if not taken care of can lead to multiple crimes which can affect not only individuals but also companies. And when these crimes impact companies, they can actually hamper the economy as a whole.,Information for the same is not available very easily, so the study is solely based on secondary data.,Identity theft effects an individual not only financially but also mentally and socially; thus, these effect each and every one in the said economy.,This paper is an original work of the authors, and it is for the use of students, educators and academicians.

Uncharitable Acts in Charity: Socioeconomic Drivers of Charity-Related Fraud

Abstract: Objective This article examines determinants of charity‐related crimes, focusing on socioeconomic influences. Charity crimes have proliferated in recent years but formal research on their causes is limited. Method Estimation methods using robust regression and two‐stage least squares are used, employing data across states in the United States obtained from the Federal Bureau of Investigation and other government sources. Results The estimation results show that states with heightened cases of identity theft have greater charity‐related crimes. However, I found no contagion from border identity theft or border charity crimes. With regard to other social factors, race and ethnic homogeneity were associated with charity crimes. Among economic factors, economic prosperity and economic disparity did not matter, but unemployment was associated with more charity crimes. Different dimensions of charity markets did not significantly matter. Conclusion The findings show that other white‐collar crimes such as identity theft might be crucially driving charity crimes.

Capable guardianship against identity theft: Demographic insights based on a national sample of US adults

Abstract: This paper aims to examine demographic differences between individuals who do not take measures to protect themselves from identity theft victimization and those who do. A majority of the research on identity theft has focused on predictors of victimization, reporting behaviors of the victims and their health and mental outcomes. However, little remains known about the individuals who choose to take any identity-theft measures despite concerns over this fast-growing breed of crime.,Guided by Felson and Cohen’s routine activities theoretical framework (1979), this study uses the 2014 Identity Theft Supplement of the National Crime Victimization Survey to identify the demographic characteristics that influence the use of self-protection measures among individuals in the general population.,This study finds that these individuals are much more likely to be white, older, female and highly educated. The decision to undertake protection against identity theft is also influenced by the following factors: prior experience of misuse, possession of a bank account in the prior 12 months, current possession of at least one credit card and awareness that one is entitled to a free copy of one’s credit report.,This study addresses the gap in scholarship on identity theft prevention by applying the concept of guardianship in Cohen and Felson’s routine activity theory (1979) to the usage of self-protection measures in a general population. Future findings will identify the areas which agencies and researchers can focus on to inform policies that foster individuals’ own initiatives to take self-protection measures against potential identity theft.