25 February 2005

The Modern Day "Bonnie and Clyde"...

As Bank of America now joins ChoicePoint to try and explain the theft of not just thousands but millions of data records, one has to wonder. Does the modern "Bank Robber" need a mask and a weapon to pull off a six figure heist?

Not so according to some of the latest operational risk losses by major financial services institutions. The modern day "Bonnie and Clyde" only needs to purchase one of the latest downloads from the Internet to create a portfolio of bait for a contemporary "Phishing" expedition. Or in the case of B of A, a supplier who seems to have lost a few data tapes on their way to a secure location.

If it isn't apparent already, the real issue here is the lack of controls and auditing of the supply chain of outsourced services or the key lego blocks in the Enterprise Architecture.

Sen. Charles Schumer, a New York Democrat, said he had been informed by the Senate Rules Committee that the data tapes were likely stolen off a commercial plane by baggage handlers.

"Whether it is identity theft, terrorism or other theft, in this new and complicated world, baggage handlers should have background checks and more care should be taken for who is hired for these increasingly sensitive positions," Schumer said.

Bank of America, based in Charlotte, North Carolina, said it will continue to monitor government cardholder accounts included on the data tapes and cardholders would be contacted if unusual activity is detected."

It won't be long before the Privacy Advocates give way to the reality that it's time to seriously revisit authentication beyond today's US norms.

One of the key drivers behind the push to take up biometric technologies is that governments are beginning to mandate that biometric identifiers such as facial images and fingerprints be used in official documents, including passports. And biometrics is also seen as essential for the provision of e-government services to citizens to ensure accurate authentication to prevent fraud.

However, in the long term, biometrics, by their very nature, will compromise privacy in a deep and thorough fashion. If and when face-recognition technology improves to the point where surreptitious cameras can routinely recognise individuals, privacy, as it has existed in the public sphere, will in effect be wiped out. No doubt there will be some benefits: fraud, in particular the persistent and increasingly annoying problem of identity theft, might be substantially reduced if biometric-identification systems, introduced in the form of passports, visas and identity cards, become widespread. But privacy advocates argue that such benefits are not worth the risk of “function creep”—that once biometric passes have been issued by governments, it will be tempting to use them for all sorts of things, from buspasses to logging on to your office PC.
See the Economist to see what the experts were thinking two years ago.

This of course won't have much impact on the savvy baggage handlers who are now becoming this generations equivalent of "Bonnie and Clyde".

No comments:

Post a Comment