The Evolution of Identity Management: What to Expect

The Evolution of Identity Management: What to Expect

InfographicLet’s face it, cyber criminals are getting smarter about manipulating, stealing and profiting off of others’ identities. Medical identity theft is on the rise. Tax return fraud is higher than ever. Children are being targeted for identity theft, and large corporations are being compromised more frequently for their customer and employee data. As technology has become cheaper and is more accessible, cyber criminals are engineering new ways to steal personal information and use it for financial gain.

Before diving into how identity management has evolved over time, let’s take a look at what identity management actually means.

Managing your identity has become more than safeguarding your credit data, financial information and Social Security Number (SSN). Today’s increasingly digital world means traces of your identity are everywhere – on social networks, in government and retailer online databases, on the cloud at work and in your mobile devices. Now, in addition to keeping your financial information, banking data and SSN out of reach of identity thieves, you must protect every digital facet that cyber criminals could use to gain more information about you. Sounds near impossible, right?

Actually, with more consumer awareness about the importance of identity management, a change in online habits and with the right tools, protecting your identity is feasible. Let’s take a look at how identity management has evolved over time and where it is headed in the near future.

Identity Theft, Then and Now

Prior to the digital age we live in today, identity thieves would gather personal information by hunting through trash for sensitive documents, calling and posing as someone needing your personal information for legitimate reasons or even purchasing personal information from store employees or others with access to files. Thieves continue to use those tactics, but have added an array of technical tools to the lineup, for example, malware. Cyber criminals employ malware to collect personal information from desktop and mobile devices. The Juniper Networks Mobile Threat Center released a report in 2013 showing a 600 percent increase in malicious app growth from 2011 to 2012.

In addition to malware, social networks have become an important tool for identity thieves. Social networks offer a gold mine of readily available personal data for cyber criminals. Criminals can manipulate users into giving them personal information via phishing schemes on social media networks or simply by looking up personal data that is public. Social network privacy policies change frequently, leaving users unaware that their personal information is readily viewable to prying eyes. In many cases, however, users simply have not set up their privacy settings to protect against identity theft risks.

Social networks and online gaming sites are also a hotspot to collect personal data from minors. Cyber criminals are targeting children’s identities more frequently as fraudulent activity can go unchecked for years until they turn 18. In CSID’s 2013 Child Identity Theft survey, we found that while 76 percent of parents are concerned that their child’s identity may be stolen and, 52 percent of them are not currently taking any action to prevent the misuse of their child’s online information, giving identity thieves an open opportunity to prey on minors’ clean credit reports.

Tax and healthcare identity fraud have also seen increases. According to the Ponemon Institute’s Study on Patient Privacy & Data Security, more than 90 percent of healthcare organizations were breached in 2011 and 2012. Identity thieves use stolen healthcare information to receive medical treatment or benefits. Tax fraud affected 1.6 million Americans in the first half of 2013, up from 1.2 million victims in all of 2012.

Identity Theft in 2014 and Beyond

Identity thieves will continue to engineer new tactics to steal personal information. Based on the trends CSID has seen in cyber-criminal activity. Here are three predictions on what to expect of identity thieves this year and in the near future:

  • Sophisticated marketplaces for stolen data have become more commercial and will continue to develop as digital currencies, such as Bitcoin and Litecoin, fuel their growth. These currencies offer identity thieves a way to conduct business transactions online and anonymously.
  • Expect to see increases in credential theft from app developers with special permissions, such as those with access to Google Play’s Developer Console. These credentials are particularly valuable to cyber criminals because they allow them to build and publish mobile apps infected with malware that can gather and steal valuable information like addresses, credit cards and logins from a user’s mobile device.
  • Complex social network fraud schemes will continue to increase. In addition to social media phishing attempts where an identity thief will pose as someone you may know in order to extract personal information from you via personal messages or chats, cyber criminals are starting to put together full profiles from data on social networking sites to use for identity theft purposes. For example, most social media users do not think twice about posting a mother’s maiden name, a pet’s name or a school mascot which are common password reset questions as well as credit authentication questions. Identity thieves can piece together personal information from your social media posts to impersonate you for identity theft and fraudulent purposes.

Identity Management Solutions that are in Place and Coming Soon

Despite the overwhelming statistics and state of identity theft, companies like CSID have created and continue to develop advanced solutions to help consumers better manage and protect their identities. Here’s a look at a few solutions that are currently in place and continue to be developed by companies to better protect consumers’ personal information:

Multi-factor authentication: This extra layer of security requires at least two of three authentication factors when logging into an account: something you are, something you have and something you know. Technology companies are quickly advancing this solution to create more “invisible” identifiers – like geolocation awareness or cadence with which you type – to make multi-factor authentication less of a hassle for consumers.

Non-credit data monitoring: Because identities are made up of more than just credit information, monitoring solutions now include email addresses, social networks, medical information and more. Consumer, employee and customer monitoring services send an alert when a piece of your identity has been compromised in real time. Consumers can become aware of the problem when it happens, rather than find out months after the fact when the damage has already been done.

Biometric identifiers: Voiceprints, fingerprints and retina scans are all examples of biometric characteristics that can be used in place of or in addition to a password. Unlike passwords, these identifiers cannot be lost, forgotten or stolen.

Identity theft is not going away any time soon, but advances in technology can lead to better identity protection and management. Stay aware, stay educated, and most of all, make identity management a priority in your personal and professional life.

About the Author

Joe Ross is the president and co-founder of CSID.

Featured

  • The Key to Wellbeing in the Office

    A few years ago, all we saw in the news was the ‘great resignation.’ Now we have another ‘great’ to deal with. According to CBRE, 2023 was the start of the ‘great return’ as office workers returned to their normal offices after working from home. The data shows that two-thirds of all U.S office buildings were more than 90% leased as of Q2 2023. Read Now

  • Failed Cybersecurity Controls Costing U.S. Businesses $30 Billion Yearly

    Panaseer recently released ControlWatch and the Continuous Controls Battle: Panaseer 2025 Security Leaders Report examining the cost of cybersecurity control failures and the impact of growing personal liability for security failings on security leaders. The report analyzes the findings of a survey of 400 security decision makers (SDMs) across the US and UK. It shows that security leaders feel under increasing pressure to provide assurances around cybersecurity, exposing them to greater personal risk – yet many lack the data and resources to accurately report and close cybersecurity gaps. Read Now

  • The Business Case for Video Analytics: Understanding the Real ROI

    For security professionals who may be hesitant to invest in video analytics, now's the time to reconsider. In a newly released Omdia report commissioned by BriefCam (now Milestone Systems), the research firm uncovered a compelling story: more than 85% of North American and European organizations that use video analytics achieve a return on investment within just one year. The study, which surveyed 140 end users across multiple industries, demonstrates that security technology is no longer just for security — it's a cross-organizational tool that delivers measurable business value far beyond traditional safety applications. Read Now

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

Featured Cybersecurity

Webinars

New Products

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3