Logic would tell us the answer to that question is certainly true.  Social Security Numbers (SSN) are assigned to individuals for a variety of reasons, some advocated by conspiracy theorists and some that are more prosaic in nature.  At its core, the SSN provides the government the ability to track consumption of government benefits, originally social security benefits. Rationally, it would seem that using someone else’s  SSN to derive some benefit would be illegal.  But a number recent court decisions indicate that using one’s own name in conjunction with someone else’s SSN is not necessarily a crime.

Bob Sullivan’s Red Tape Chronicles admirably details several cases in which people were charged with identity theft for using another person’s SSN.  In each of the cases, the courts found that identity theft had not actually been committed.  In one case, an individual had simply made up a nine digit number for use as a social security number.  In another,  a SSN was used to obtain financing for a car.  What is particularly troubling here is that consumers are hearing two radically different stories.

1. You must protect your SSN – the SSN, at the end of the day, still provides almost unfettered access to almost every facet of an individual’s life.  Bank accounts, jobs, mortgages and auto loans, school admissions.  All of these things can be tracked, or compromised, using one’s social security number.
2. The fraudulent use of your SSN is not always a crime – the courts in these cases found that if an individual makes up a number, s/he doesn’t really know if it belongs to someone else and can therefore not have intentionally committed identity theft.  In another case, the courts found that because the SSN was used, but not required, to obtain financing  no identity theft had occurred.

What is interesting here, is that these court decisions are in contradiction to state laws that have been drafted to protect individuals from the unauthorized use of their personally identifying information.  Texas, for instance, has legislated that a person may not “possess, transfer, or use personal identifying information of another person without the other person’s consent and with intent to obtain a good, a service, insurance, an extension of credit, or any other thing of value in the other person’s name.”  Fines for doing so can range from $2,000 to $50,000.  Virginia declares the unauthorized use or disclosure of a social security number to be a class 5 felony.  Similarly, Hawaii classifies the unauthorized possession of “personal, confidential information” as a Class C felony.  It will be of great interest to watch the interplay between these court decisions and the laws of the states in terms of the protection of consumers.

It would seem that, for consumers at least, the lesson here is clear.  The social security number is arguably the most vital piece of personal information available and the courts are demonstrating a reluctance to afford it appropriate protections.  As courts become more lax,  identity thieves may become more bold.   That means that consumers must become hyper-vigilant in the protection of  all personal data.

Dr. Heather Mark, PhD; SVP of Market Strategy

The following was published at Focus.com: Security as a Means to Consumer Privacy

Today’s news was replete with cyber-horror stories.  In addition to last weeks news regarding the routing of US web traffic through Chinese routers, today’s news featured an announcement of the arrest of Lin Mun Poo, a hacker in Malaysia accused of breaking into the Federal Reserve and stealing 400,000 credit card numbers, and an article on the low-tech methods used by hackers to gain access to financial accounts.   This last article, regarding the ways in which hackers can gain access, is the one I’d like to address today.

I’ve often said that the technology part of security is relatively easy (please note that I said relatively easy – not that it’s a piece of cake).  The most difficult part of security to manage is the human element.  An excellent example of this is provided by the MSNBC article:

“Sitting at a computer somewhere overseas in January 2009, computer hackers went phishing.Within minutes of casting their electronic bait they caught what they were looking for: A small Michigan company where an employee unwittingly clicked on an official-looking e-mail that secretly gave cyberthieves the keys to the firm’s bank account.Before company executives knew what was happening, …[the] company, was broke. Its $560,000 bank balance had been electronically scattered into bank accounts in Russia, Estonia, Scotland, Finland and around the U.S.”

Hackers often employ social engineering techniques so that they don’t have to “break into” accounts and networks.  They can simply walk in the proverbial front door.  Human nature is often the chink in the security armor.  The holidays, coupled with the global financial picture, make scams and social engineering much more likely.  According to Robert Siciliano, who worked with the Identity Theft Resource Center (IDTRC)to identify the top trends of 2010,  “Whenever our nation has faced a difficult time, thieves have found a way to use the problem to their advantage…In my adult life, I’ve never seen more variations of old scams and the degree of sophistication in newer scams”

The IDTRC has significant resources for consumers and businesses.  These detail both the current trends in social engineering and hacking methods, but also provide information on how to identify a scam.  Businesses can also find information on privacy and data security at the Bureau for Consumer Protection Business Center.

Though the holiday season is upon us and it is traditionally a time of good will to our fellow man, it is important to remain diligent in protecting information – our own and our customers.  Hackers and thieves don’t take holidays in their mission to steal data and gain access to financial accounts, and we cannot take a holiday from our mission to prevent these thefts.

Heather Mark, PhD. SVP of Market Strategy

The holiday season is upon us.  Consumers are all a commotion in finding the best prices, the greatest toys, electronics, and clothing for their friends and family.  What most people do not consider are the threats dealing with credit card fraud, scamming, identity theft, and even now your children are at risk.

A large number of households have computers.  Your teenagers are constantly searching for the latest gadget on the market and in doing so, clicking through web pages.  What they most likely do not realize, other web pages pop up and are immediately clicked.  These pages, appealing to the eye, with the possibility of winning free merchandise, may just be a scam.  “So what happens if your teenager does start giving out his name, email address and other personal information? His data is then sold to marketers and in worst case scenario it could be used for identity theft,” stated Stacey Bradford (http://financiallyfit.yahoo.com/finance/article-111267-7371-6-holiday-scams-targeting-kids?ywaad=ad0035&nc).  

Overall, inform your teenagers and children to never give out their personal information.   Once a data thief has certain information, they will immediately put it to use and possibly steal your identity.  If you or your children receive an email or asked to provide information in order to receive a product, beware, this may be phishing.  The ProPay Resource Center is a valuable tool to help educate on what to look out for, what red flags may signify a possible attack.

ProPay, Inc., a Utah based technology company, was founded a little over a decade ago on the general premise that merchant payments could be done more simply and more affordably using technology.  The first product, FaxPay, was launched and a rich history of innovation began.  ProPay has received numerous accolades and awards over the years, largely due to the dedicated and innovative employees that work for the company.

Recently, Newsweek magazine highlighted the growing Utah economy and many Utah based technology companies in Promised Land, How Utah became the new economic Zion written by Tony Dokoupil.  Mr. Dokoupil writes, “But while nearly every local economy succumbed to the frozen credit markets, failing to grow much during the last two years, Utah has flourished.”  In fact, the Utah economy has flourished, averaging 3.5 percent annual growth over the last five years. 

Describing Utah further, Mr. Dokoupil writes, “Greater Salt Lake City, the 75-mile corridor stretching from Ogden in the north to Provo in the south, has absorbed massive new data centers for eBay, Twitter, and Oracle; splashy new offices for Disney Interactive and EA Sports; and, just last month, a commitment from Adobe—the makers of Flash and Acrobat—to build a thousand-person software-development campus.”

“Homegrown tech is booming as well. The University of Utah recently tied MIT for creating the most companies out of its patented research: more than 80 since 2005. Provo, home to Brigham Young University, has the most high-growth companies per capita in the country, according to Inc. magazine.”

ProPay is proud to be a “homegrown tech” company here in Utah.  We will continue to work hard to stay true to the general premise upon which ProPay was founded.  We will continue to pursue innovation.  We look forward to many more years of serving the needs of our existing and future customers.

Ryan Oakes

Vice President, Product Management