The Flaws of the Current Identity Verification Process and its Contribution to the Rising Threat of Data Breaches
The widespread practice of copying, transmitting, and storing personal identification documents as proof of identity is not only insufficient to guarantee their authenticity even if witnessed by a notary, but it is also exacerbating the issue of identity fraud. This is especially true in industries like finance, where transactions requiring identity verification are conducted on a regular basis. For example, financial planning businesses may conduct 2-5 transactions per week for clients, with around 15,000 financial planners doing this per week. This results in the handling of 30,000 identities per week.
This high volume of personal identification document transactions makes it a prime target for nation-state actors or other malicious actors. They can easily perform a man-in-the-middle attack and intercept all of this identification, potentially compromising the identities of thousands of individuals. In this example, if a nation state was to intercept 120,000 Australian’s identification over the course of a month, it could have devastating consequences. They can then use this information to age the accounts and make withdrawals over several months, potentially costing hundreds of millions of dollars.
Additionally, the storage of personal identification documents in digital form also increases the risk of data breaches and cyber attacks, potentially leading to the loss or theft of sensitive personal information. In conclusion, the practice of copying, transmitting and storing personal identification documents as proof of identity is not only ineffective in guaranteeing their authenticity, but it is also making the issue of identity fraud worse. It is important for industries handling large number of identities to have robust security measures in place, including using multiple forms of identification, background checks and encryption to protect the data.