Identity theft

About: Identity theft is a research topic. Over the lifetime, 2284 publications have been published within this topic receiving 31700 citations.

Identity theft prevention in the healthcare setting.

Abstract: How a healthcare security department has undertaken a program to prevent employees, patients, and visitors from becoming victims of Identity Theft as well as providing help for victims of this crime in mitigating their losses. An Identity Theft affidavit for ID theft victims is illustrated.

Intrusions and Their Lock in Data Communications Through Internet

Abstract: Intrusions on entities in a network can be manifested by: identity theft, fraudulent routing, target flooding with protocol messages, and broadcasting an ICMP protocol messaging protocol. Intruders lead to blocking the service for legitimate users, and targets are flooded with unsolicited emails,Protection against such actions can be done with a number of security measures, such as: installing firewalls and installing intrusion detection systems. These safeguards can eliminate or even minimize the likelihood of materializing security threats and prevent attacks on the security features of a system.

On Enabling Additional Natural Person and Domain-Specific Attributes in the eIDAS Network

Abstract: Within digital virtual space, secure and efficient user authentication and identification are essential to prevent identity theft and unauthorized access to sensitive information and services. The eIDAS network implementing the European Union (EU) Regulation 910/2014 links the electronic identity (eID) systems of EU countries to allow citizens’ access by authenticating with government eIDs. At authentication time, the eIDAS nodes transfer core personal attributes (i.e., name, surname, date of birth, and an identifier) to the service providers (SPs). Since long-term applications require more personal or domain-specific data to provide the service or to perform identity matching, the SPs must obtain such data in an alternative way, with additional costs and risks. Herein, we extend the eIDAS network to retrieve and transfer additional person and domain-specific attributes besides the core ones. This process introduces technical, usability, and privacy issues that we analyze. We exploit a logical AP Connector between the eIDAS node and the entities providing additional attributes. We implemented two AP Connectors, named AP-Proxy and AP-OAuth2, integrated with the Italian pre-production eIDAS node to get additional attributes from the Politecnico di Torino university backend. In an experimental campaign, 30 students have accessed academic services at three foreign universities with recognized Italian eIDs, and transferred additional attributes over the eIDAS network. Despite some usability and privacy concerns encountered, the user experience was positive. We believe our work is helpful in the implementation of the recently adopted European Digital Identity framework, which proposes to extend the person identification data set recognized cross border, and the creation of digital wallets linking different data sets or credentials.

Self-made Data Protection – is it Enough? Prevention and After-care of Identity Theft

Abstract: The Cambridge Analytica scandal was not the first data breach that shattered users’ expectations of internet services. Many online services had similar incidents before, based on flaws in IT-security or caused by a member of the company. All of them have one thing in common: the data breach leads to a massive risk for personal data and the user’s identity. Further, the consequent damage could hardly be limited or stopped because data can be copied and shared infinitely. Therefore, preventive services for identity leaks has been created – so-called identity leak checkers. These services certainly help to protect individuals’ digital identities. However, the legal and technical aspects are rarely discussed. This article analyses these leak checking services and outlines their positive and negative aspects. Then, focussing on the negative aspects, it outlines guidelines for a revised version of an identity leak checker. Including both legal and technical aspects, this revised version would lead to “Effective Information after an Identity Theft” (EIDI) – also the name of an actual German research project with the same acronym explained in detail in the article.

Beyond Whiffle-Ball Bats: Addressing Identity Crime in an Information Economy

Abstract: The article discusses the challenges to the protection of private personal information in the age of rapid technological changes and advances with a particular focus on the explosion of Identity Theft Crime (IDC). The paper highlights the compartmentalized and imbalanced roles that the free market and law enforcement (LE) play in response to this emerging threat to privacy, the implications of this dynamic, and recommendations for improving the societal risk management of Identity Crime.