Breach, Data Security, Malware, Phishing

Businesses detecting ID fraud faster, absorbing more costs

Identity fraud increased by 22 percent last year, but the burden on consumers is lessening, according to a new study.

The “2009 Identity Fraud Survey Report” was released today by Javelin Strategy & Research. The survey found that of 4,784 individuals randomly polled, 482 were the victims of identity fraud. 

Though the prevalence of fraud rose, the survey revealed that the cost of identity theft to customers dropped by 31 percent -- from $718 per incident in 2007 to $496 in 2008, its lowest rate since 2005.

The study attributed the fall to better and faster fraud detection and resolution.

Jim Van Dyke, president and founder of Javelin Strategy & Research, said this is good news for consumers because it means that merchants, financial institutions and billing organizations are absorbing a greater portion of the loss.

“Corporate America is shouldering more of the load than ever before,” he said.

The study also found that data breaches accounted for 11 percent of fraud cases in 2008, and online identity theft methods -- phishing, hacking and malware, for example -- accounted for another 11 percent.

“The role of data breaches is not as strong as many people think,” Van Dyke said. “We aren't saying they are not bad -- they are generally inexcusable and companies need to take stronger action, but we are not seeing the [strong] correlation between data breaches and actual identity fraud.”

But Ori Eisen, founder and chief innovation officer at fraud detection provider 41st Parameter, said the number of fraud cases resulting from businesses should not be underestimated. And, he said, the statistics could be much higher considering many victims are unsure how their data was obtained. 

"Clearly we should take [the findings] with a grain of salt because exploits are so nefarious today," Eisen told on Monday.

For enterprises, protecting the records of customers is absolutely essential and it's not something that should be dealt with lightly, said Matt Cullina, CEO of Identity Theft 911, which advises victims.

Cullina told that the recent case of the recent breach at payment processor Heartland Payment Systems soon resulted in a class action lawsuit being filed against the company. That's because when a data breach occurs -- whether a customer has been the victim of identity theft -- they feel like they have been damaged, Cullina said.

“When it comes to your key personal information, there's no shelf life to that data," Cullina said. "Once it's exposed, it's exposed."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.