Wednesday, February 10, 2010

Should my financial identity be a 9 digit number?

"In 2009 the average data breach cost the affected business $6.75 million". "In about one out of five cases [...] a victim of identity theft switches banks.". These are the numbers reported by Forbes from a recent Javelin Research study on the effects of identity theft and data loss. The article focuses on two sides - when an individual's identity is stolen by chance, or when a financial services company loses masses of data due to a breach.

The cost of a bank acquiring a customer is hundreds of dollars, stemming from the marketing, the expensive promotions and the actual setup fees when the customer starts opening that account. So losing potentially thousands of customers through lax security measures is going to be painful for the bank, as it should be. In really large cases, the impact on an institution's brand, and the security or lack of it that people associate with that brand is impossible to calculate. That will make future customer acquisition efforts even harder.

Interestingly on the other side, where a customer is a one off individual in identity theft, banks are apparently footing more of the bill. And really, is this a surprise? Good customers are hard to find, so punishing them for something that they probably have no control over can only go three ways: the customer is liable for it, tough luck; the overall consumer banking system accepts that it is a cost of doing business to keep them credible with customers, and they work hard to formulate ways of protecting customers better behind the scenes; we all get persuaded by fear that the only safe thing for us to do is buy some form of identity theft insurance.

Even as banks are footing the bill and swallowing many of the costs associated with identity theft, it seems that individuals are not letting their guard down. There is still a sense of personal responsibility it seems. According the Javelin article:
"We've found that individuals really guard their personal identity," says Van Dyke. "They have a high degree of fear and anger when it's stolen, even when they have zero liability."

If consumers lose faith in the financial system to help them protect an identity that they have little control over, it is possible that we could see an impetus for a system that is not driven by how well you can commit to memory a nine digit social security number that has to be shared with almost every organization you do business with. Really how relevant is the IRS advice to 'keep your SSN secure', when there is little control of who can ask for it or how well they protect it?

A post from the Improving It blog

To implement workflow and process automation in your business today, visit

No comments: