Validated Authorization

Bluntly speaking, if all transactions were approved and based on validated authorization, we won’t be having the identity theft problems that we’re facing today. As you know, identity theft occurs to commit various types of identity fraud including financial or credit fraud, employment fraud, and medical fraud. There are also criminal or character and driver’s license fraud but the bulk of the identity frauds are financially motivated and are committed to buy things with credit cards, steal cash, or get medical help or employment with someone else’s account or good name.

My personal opinion is that most people and companies are identity obese which greatly contributes to the identity fraud problem that the world faces today. By identity obese, I suggest that most people and organizations excessively collect, share and retain personal information for social and business reasons. Most people have a huge number of credit cards or online accounts and a single password for managing their accounts. And, most companies not only collect unnecessary amount of customer personal information, but do so, in an inconsistent manner. For example, one doctor office may collect personal information regarding a patient’s children while another may not. Why is there such an inconsistency in processing a patient’s file? One reason is that there are no industry standards to address the amount and type of personal information businesses can collect, share or retain, especially when addressing the collection of personal information. And, it gets even worse for average people. Not only they have no clue what risk situations they’re placing themselves into when they open unnecessary new accounts each day, but because they lack best identity protection practices, they also place their other accounts at risk by exposing the same password they use for all accounts.

Now that we’ve established the need for everyone to limit the amount of personal information they collect, share and retain, we need to address the need for validated authorization for approving each and every business transaction. Blind business decisions based on faulty assumptions are not in anyone’s best interest. When fraud happens, customers lose time, money and peace of mind while businesses lose customer loyalty, money and time also. Customers assume that businesses will not approve new credit accounts without their authorization because it’s not in anyone’s best interest but such authorization must be validated based on solid and not false assumptions.

Let’s talk about what I mean by validated authorization. A validated authorization is a business transaction approved based on the actual customer’s authorization. For example, when you place an order online to buy an item, how do businesses know that you are the rightful owner of the credit card? In order to reduce the risk of identity fraud, the businesses must first validate your identity before they can accept your authorization, and, this should apply to each and every transaction. Without validation of an identity, its authorization is worthless for processing business transactions. Validated authorization for business transactions is occurring to some extent but not consistently or based on the correct criteria. For example, some credit card transactions are authorized based on a customer’s knowledge of the credit card security code and this is not best way to validate the identity of the rightful owner of a credit card. You can read this article to find out why.

Some may argue that the cost of doing business will increase with a rock solid validated authorization process but my question is what is the value of reduced identity theft and fraud? Can we place any value on lost customer loyalty or the trust customers place on credit cards? What if consumers shy away from using their credit cards when the economy is good? I think when we combine these values with the potential cost savings related to fraud investigations and resolutions, we can see the true value of validated authorization, especially, when attempts are also made to reduce the identity obesity levels and the number of transactions which must be authorized.

Return from "validated authorization" to the identity theft blog.

Identity Protection Insights Newsletter

Effective identity protection requires dynamic and integrated solutions. This site provides awareness, education and many solutions to address the growing problem of identity theft. Please sign up for the Identity Protection Insights newsletter to receive periodic notification of important articles and solutions, major identity theft news analysis, fraud alerts, and other service announcements.

Enter your E-mail Address
Enter your First Name (optional)

Don't worry — your e-mail address is totally secure.
I promise to use it only to send you Identity Management Journal.