The 2018 Identity Fraud Study, by Javelin Strategy & Research, has some bad news for us. Identity fraud is at an all-time high, increasing by 8% last year to hit 16.7 million people in the USA alone. The amount stolen rose to a staggering $16.8 billion.
The victims are credit card holders. Criminals are scouring the Internet to find out things about you. Once they have enough information — where you were born, where you took your honeymoon, your mother’s maiden name — they start trying to take over your account. And in at least 16.7 million instances, they succeeded.
That is 6.64% (or every 15th) of US consumers, and looking at general data breaches, things get worse: a mind-boggling 30% of them fell victim to that.
And that’s not the end of the bad news. Criminals are also becoming more ingenious in how they harvest compromised credit cards and bank accounts for cash, using e-commerce accounts and other intermediary products to siphon off funds without being detected.
Why APMs are the answer (or part of it)
We don’t need to just accept being victimised as the price of living, working and shopping online. We can protect ourselves. The report itself makes some sensible suggestions. These include securing your devices, turning on two-factor authentication and freezing your credit report to stop anyone else opening new accounts in your name.
There’s also something else you can do. When you pay online, don’t use your credit or debit card. Repeatedly using your card online is like wandering around an open-air market in a strange country, paying for everything from a big sack of gold while everyone in the market watches you. It’s asking for trouble.
Instead, open an account with a reputable e-wallet and set it up so that you can only spend the funds, you pre-load onto it. If crooks do manage to harvest your account details, all they’ll get is whatever is left on the card after your last transaction, not the entire contents of your bank account.
Or even better, don’t open any additional account and use a so-called “push payment” APM, where you can initiate, i.e. push the payment yourself, without disclosing any sensitive data about yourself at all. Prominent examples of these are real-time bank transfer methods, like iDEAL, Sofort or MyBank, and thanks to the new Payment Services Directive (PSD2), all banks in Europe have to support this type of APM since January 2018.