I have a confession to make. One billion doesn’t mean all that much to me.
Let me explain.
Although I spend most of my days steeped in privacy and digital identity authentication issues, the staggeringly high figures that come out of data breaches and other instances of consumer fraud are often hard to comprehend. The Yahoo! data breach impacted one billion people alone and experts estimate that synthetic identify fraud, often using details leeched from data breaches, costs Canadians $1 billion per year. Admittedly, I sometimes have difficulty understanding how such gargantuan figures translate into real world impact.
Then, recently, I received a phone call.
“Good evening sir, I am an agent with the Canada Revenue Agency and I have uncovered some serious issues about your recent tax return.”
And there it was. With one sentence, the weight of billions of vulnerable people and dollars came crashing down into my reality. These figures aren’t a matter of understanding one billion as a whole, but rather as one interaction repeated one billion times. It takes one bad person to infiltrate another’s life and extract deeply personal information, and it takes that bad person to share that information with other malicious parties, whether that data be passwords, a phone number or a social insurance number.
I consider myself well-educated in the realm of cybersecurity and fraud prevention, but millions of people throughout the world. But expecting everyone to become security savvy to do simple online transactions is a bad idea. I don’t have to understand how payment networks work to keep my payment card safe; people should not have to understand how URLs work to protect themselves from phishing attacks, to pick one hacking issue. Our digital world is growing in sophistication and, unfortunately, so too is the complexity of cyberattacks and fraudulent activity.
We’ve all received similar CRA phone calls and phishing schemes. Maybe even some of us have giggled at the notion of sending personal banking details to the estate lawyer of a long-lost relative who “happened” to be West African royalty. But the reality of digital fraud in the 21st century extends much further than the typical schemes we’ve come to expect. Hackers can now breach sophisticated firewalls at companies like Yahoo!, LinkedIn, Dropbox, and even Loblaws.
King Canute’s new apocryphal challenge is digital. Today, the king is holding back a dam of potential fraud from washing away trust of Canadians in online services. All it takes for a dam to burst is a single failed “brick” in this dam of 150 bricks.
According to the World Economic Forum, the average person has 130-150 username and password combinations in use at any given time. That is a huge number of cracks in identity for malicious parties to enter into your private lives and use minimal information to visit lasting financial and emotional damage. Identity theft is permanent – when your identity has been compromised you will forever wear the scarlet letter of doubt about your true name. Every transaction will come with extra scrutiny and “random” security checks.
Luckily, although it takes one person to initiate fraud, it only takes one person to prevent it from ever happening. And unlike Canute, that one person – you – can control the waves of fraud faced each day.
March is Fraud Prevention Month and we at SecureKey urge you to educate yourself on how to avoid fraud in all its forms. We owe it to ourselves in this digital age to protect our digital assets and real life livelihoods.
This is what one billion means to me now. It means one billion opportunities for fraud education and it means one billion single instances where help people protect their privacy and their identity. SecureKey and our like-minded partners are working hard to better secure the digital environment in which we need to do our everyday transactions. We hope that you will take the opportunity this month to learn about fraud, how to best protect yourselves from it, and how to become the single instance in one billion that will begin to bring those immense figures down.
To learn about the different types of fraud and how to report fraudulent activity, please visit the RCMP’s Internet Fraud and Scams website: http://www.rcmp-grc.gc.ca/cycp-cpcj/is-si/osf-efel-eng.htm.