Insights & Analyses

As identity thieves steal $36,500 every minute, opposing forces bring the fight to them

March 2, 2017

Identity theft costs companies and consumers billions of dollars every year, prompting experts to confront fraudsters on their turf, working to have user identities eliminated from the dark web.

Data from Javelin Strategy and Research suggests identity fraud led to $112 billion being stolen from 2009 to 2015, equaling $35,600 stolen per minute.

And much of that theft comes from low-hanging fruit — such as banking customers who click on phishing emails — meaning basic online identity theft is not likely to go away anytime soon.

The ongoing, costly problem prompted XOR Data Exchange, which helps organizations optimize and monetize data they own, to partner with Zoot Enterprises, a technology provider for financial institutions. Together they plan to provide Zoot clients access to multi-industry data predictive of identity theft and fraud risk.

In short, they want to get smarter than fraudsters.

And despite their nefarious tendencies, fraudsters, it turns out, are pretty smart.

Through XOR’s Compromised Identity Exchange, financial service providers can more accurately recognize identity theft and fraud risk for individual consumers and accounts, due to their involvement in one or more data breaches. That’s been made possible in part by massive leaks over the years, leading to private user information being shared on what is known as the dark web, a place where users can exchange and sell such information.

To combat that, XOR CEO and founder Mike Cook has led the fight to the dark web, where his team has successfully removed some 1.8 billion compromised consumer records over the last six months. Speaking on the latest episode of One World Identity’s State of Identity podcast, Cook explained that fraudsters have not yet modified their behavior yet, but they eventually will as the efforts to thwart them become smarter.

“At some point, to be honest, they’ll figure it out before we figure out that they figured it out, because they’re pretty dang smart,” he admitted.

One of the biggest issues from a major data breach is poor user behavior, such as using the same information — like passwords — across a variety of sites. And it’s difficult to find fraud that is a result of someone else’s data breach — which is where XOR comes in, as a sort of additional layer on top of a company’s existing, internal fraud protection.

“Even if there is (just) a loss of an ID and password, the fraudster can get in and they can get more information about you, and then they can take over the account,” he said.

And even if XOR, Zoot and others can put a dent in rampant fraud efforts, the good guys have a long way to go — especially with money being stolen at a rate of $36,500 per minute.

“It is crazy,” Cook said, “how much room they’ve got to operate.”

For more, hear XOR’s CEO along with Zoot Enterprises Senior Vice President of Sales and Marketing Travis Tuss on the latest episode of the State of Identity podcast. And be sure to subscribe on iTunes for new episodes and thought provoking discussions on identity every week.