Consumer identity theft prevention and identity fraud detection behaviours
| Date | 29 December 2011 |
| Published date | 29 December 2011 |
| DOI | https://doi.org/10.1108/13590791211190704 |
| Pages | 20-36 |
| Author | Norm Archer |
| Subject Matter | Accounting & finance |
Consumer identity theft
prevention and identity fraud
detection behaviours
John Gilbert and Norm Archer
DeGroote School of Business, McMaster University, West Hamilton, Canada
Abstract
Purpose – The purpose of this paper is to investigate consumer behaviour as it relates to identity
theft and fraud.
Design/methodology/approach – Using survey data, this paper models the relationship between
past experience of consumers and their levels of concern, and derives the principal components that
make up consumer behaviours.
Findings – The components are physical prevention measures, account monitoring, agency
monitoring, password security, and risky behaviour avoidance. These components were found to be
almost orthogonal, implying that consumers tend to “buy into” a particular component of behaviour.
The proposed model of consumer behaviour, while statistically significant, did not have high
predictive value.
Research limitations/implications – The survey data used were collected without reference to the
model used in this paper, which limits the efficacy of the model.
Practical implications – Consumers use all the behaviours in one component without regard to
other components. This can leave “holes” in consumer defence against identity theft and fraud.
Consumer education on identity theft and fraud needs to stress that consumers need to employ all
behaviours that can minimise risk and loss.
Originality/value – This paper puts forward an initial model of consumer behaviours as it relates to
identity theft and fraud. The derivation of the orthogonal components of behaviour is a new and
important finding.
Keywords Canada, Financialcrime, Fraud, Theft, Consumerbehaviour, Identity theft, Identityfraud
Paper type Research paper
1. Introduction
The quintessential crimes of the information age are identity theft and the use of stolen
identity to commit identity fraud. US Secretary of Treasury John Snow called identity
theft “the greatest threat to consumers today [...]” because it “[...] attacks the trust
and confidence that nurture our open economy, even as it destroys individual lives”
(Snow, 2003). According to a study by the US Federal Trade Commission (2003),
12 per cent of Americans had been victims of some sort of identity theft over a five-year
period. In Canada, 6.5 per cent of adults reported being victims of identity fraud in a
single year. The out-of-pocket costs to Canadian victims amounted to $150 million, and
20 million hours to recover from the resulting damage (Sproule and Archer, 2008b).
The responsibility for identity theft prevention can be said to fall on three groups:
the consumers that provide the information, the organisations (including businesses
The current issue and full text archive of this journal is available at
www.emeraldinsight.com/1359-0790.htm
This research was supported by the Natural Sciences and Engineering Research Council of
Canada.
JFC
19,1
20
Journal of Financial Crime
Vol. 19 No. 1, 2012
pp. 20-36
qEmerald Group Publishing Limited
1359-0790
DOI 10.1108/13590791211190704
and governments) that collect and use the information, and legislative bodies (including
national and regional governments) that regulate the handling of personal information.
The Organisation for Economic Cooperation and Development (OECD, 2009), for
example, emphasises regulation and calls for the standardisation of definitions and
statistics, the enactment of legislation to provide legal remedies for the victims, and
deterrence and enforcement for the perpetrators. The privacy commissioner for the
province of Ontario stresses the importance of the role of organisations in protecting
personal information (Cavoukian, 2005). Despite all the efforts of legislators and
organisations, however, the consumer still has a vital role in protecting his or her
personal data. Carelessness or lack of attention on the part of the consumer such as
neglecting to protect passwords, disposing of identity information in regular trash,
failing to secure regular mail or access to personal laptops, or responding to “phishing”
attacks, can undo all the preventative work of governments and businesses. These
groups recognise this reality and have encouraged consumer education regarding
identity theft and fraud.
Consumers, now and in the future, will play a critical role in identity theft prevention
and identity fraud detection. Without a concerted program of customer education,
legislation and technical solutions cannot prevent identity theft and fraud (Williams,
2007). This paper examines the precursors and attitudes that relate to the behaviours
that consumers use to prevent and detect identity theft and fraud. Specifically, does past
experience with identity theft and fraud relate to the level of concern about being a
victim? And does the level of concern affect consumer behaviours?
The remainder of the paper is organised in four sections. Section 2 defines identity
theft and fraud, presents some background and introduces a high-level model of
consumer behaviour in preventing and detecting identity theft and fraud. Section 3
presents the method used to analyse the data in support of the model. Section 4 describes
the results of the analysis in four parts; one for each of the components of the model.
Section 5 discusses the results and conclusions.
2. Background
Identity theft is the unauthorised access to personal information or documents; while
identity fraud is a crime involving the use of false identity (Sproule and Archer, 2007).
Generally, most identity fraud relating to financial and credit accounts is categorised as
existing account or new account. Existing account fraud involves the illegal use of an
existing account or credit relationship. New account fraud entails the creation of a new
credit account using a fraudulent identity and subsequent illegal use. There is some
discussion as to whether credit card theft and subsequent fraud should be considered
identity crimes. In most cases, the loss of a credit card and its subsequent fraudulent use
is less damaging to the customer than the loss of cash. No personal information other
than name and number is divulged, the card is usually replaced promptly, and the
customer is not usually responsible for any fraudulent use (Sproule and Archer, 2008a).
Despite the importanceof the role of consumers and significant survey work, there has
been little analytical work done on the behaviour of consumers to prevent, detect and
mitigate the effects of identity theft and fraud. Kahn and Roberds (2008) developed a
purely theoretical econometric model that predicted that identity fraud would exist in
equilibrium, balancing the cost of increased fraud against the cost of increased
conclusiveness in identification. Eisenstein (2008) constructeda model using parameters
Consumer
identity theft
prevention
21
To continue reading
Request your trial