Skip to main content

Über dieses Buch

Financial identity theft is well understood with clear underlying motives. Medical identity theft is new and presents a growing problem. The solutions to both problems however, are less clear.

The Economics of Financial and Medical Identity Theft discusses how the digital networked environment is critically different from the world of paper, eyeballs and pens. Many of the effective identity protections are embedded behind the eyeballs, where the presumably passive observer is actually a fairly keen student of human behavior. The emergence of medical identity theft and the implications of medical data privacy are described in the second section of this book.

The Economics of Financial and Medical Identity Theft also presents an overview of the current technology for identity management. The book closes with a series of vignettes in the last chapter, looking at the risks we may see in the future and how these risks can be mitigated or avoided.



Chapter 1. Identity in Economics, and in Context

Unique identification today is as much about money as was the wide adoption of last names centuries ago. Governments around the world adopted identity schemes to enable census and taxation. Today businesses are creating and using new identity systems in order to enable commerce. Identity allows for the creation and pricing of risky contracts. Victims of identity theft often wonder, “how can person I never knew in a state I have never visited create a debt with a bank with whom I have never done business, and which now I am expected to pay?” The creativity of such identity thieves knows no bounds. They can use identity to steal money, goods, or services. They can also use an identity to commit other forms of fraud against unrelated individuals, firms, or governments. Sometimes the schemes are simple—like using a stolen credit card to buy a laptop or an insurance number to steal healthcare. Other schemes are far more complex, involving an ecosystem of intermediaries. The factors that created this situation and the resulting challenges that must be addressed to extricate us are the focus of this book.
L. Jean Camp, M. Eric Johnson

Chapter 2. Modern Technological and Traditional Social Identities

For much of human history, identity was linked to community. Within the community, identity was clearly understood and context defined all. Who you were and what others thought depended on where you sat: throne, bar stool, or the side of the field. Now, where you are sitting proves nothing.
L. Jean Camp, M. Eric Johnson

Chapter 3. Identity Theft

The name of a thing is sometimes quite illustrative. The remote control offers the ability to implement preferences over a distance. A browser allows one to go lightly from one virtual space to another, browsing not committing to one thing as with the purchase of a paper. The transistor is characterized by changing, or transient, behavior in terms of electrical resistance. Fireplaces are places designed for fires, and compressors compress.
L. Jean Camp, M. Eric Johnson

Chapter 4. Defeating the Greatest Masquerade

Identity theft, medical identity theft, phishing, identity fraud, criminal identity theft and payment instrument frauds are all examples of malicious activity that requires a successful masquerade. Even confidence fraud is a masquerade, of a criminal who claims to be an honest person in a particularly difficult or powerful situation. While networks and databases have made it more difficult to maintain privacy, these technologies have also conversely made masquerade attacks easier. An examination of masquerade attacks can illuminate the importance of credentials, the threats that together create identity theft, and the relationship between privacy and security.
L. Jean Camp, M. Eric Johnson

Chapter 5. Secrecy, Privacy, Identity

Phishing attacks are so profitable because they enable cascading failures. Online identity systems that are built upon concepts of papers and identification enable these cascading failures in part because such systems do not protect privacy.
L. Jean Camp, M. Eric Johnson

Chapter 6. Security and Privacy as Market Failures

Most software is sold as is, according to the end user licensing agreement. This means that the software is released with bugs, known and unknown. There is tremendous market pressure to push software out the door. Money flows in as soon as the software is written. Being first may mean market dominance.
L. Jean Camp, M. Eric Johnson

Chapter 7. Identity Theft in Healthcare

To understand identity theft in healthcare you have to follow the money. And there is a lot of money in healthcare! Growing faster than the overall economy or the rate of inflation, U.S. health care costs are projected to nearly double in the next decade to $4.6 trillion, representing one-fifth of the entire economy by 2020.
L. Jean Camp, M. Eric Johnson

Chapter 8. Healthcare Data: Protections and Hemorrhages

Hemorrhages of patient health data fuel identity theft and privacy violations. Given the fragmented nature of the US healthcare system, data hemorrhages come from many different sources—ambulatory healthcare providers, acute-care hospitals, physician groups, medical laboratories, insurance carriers, back-offices of health maintenance organizations, and outsourced service providers such as billing, collection, and transcription firms. While the US HIPAA legislation on privacy and security went into effect over five years ago, healthcare information security remains a significant concern as organizations migrate to electronic health records. The recent HITECH legislation aimed at accelerating this migration contained mandates for greater security, including the addition of new requirements on breach reporting. In this chapter, we overview both HIPAA and HITECH and examine their impact on data hemorrhages.We then take a look at the types of data that are lost and how these leaks occur in healthcare. To illustrate the issues, we include results from our ongoing research and a case study illustrating the disturbingly private patient information that is exposed.
L. Jean Camp, M. Eric Johnson

Chapter 9. Technologies of Identity

Should we trust hardware any more than we trust code or software? Why? What are the differences? In order to trust a device or system to perform actions on our behalf, whether it is some form of local data processing (e.g., word processing) or an electronic commerce activity (e.g., ordering goods via the Internet), we have to have trust in the devices that perform these actions on our behalf. Certainly, we are confident that our Selectric typewriters will remain uninfected by viruses. By contrast, we cannot have the same level of trust in our word processors regarding viruses. On the other hand, a Selectric has far fewer features than a word processor.
L. Jean Camp, M. Eric Johnson

Chapter 10. Identity Scenarios

Under this scenario the tools of anonymity serve the ends of business and egovernment. Service providers can only link transactions to identifiers of individuals when needed for a specific service. These identifiers generally are not linkable to each other: They are service-specific. Most transactions are authorized without the need for even these identifiers by means of anonymous credentials. For example, a person can show that she is authorized for a service as a county resident, or as a veteran, or as disabled, or as having some combination of these without needing to identify herself.
L. Jean Camp, M. Eric Johnson

Chapter 11. Scenario IV: Ubiquitous Identity Theft

This scenario offers a view of the world that most observers today would consider a worst case. Identity theft, characterized by law enforcement as the fastest growing crime in the United States, [86] has grown exponentially. Identity theft grew beyond epidemic proportions as confirmed by the Federal Trade Commission. [71] Due to continued weaknesses in identity frameworks, increased demands for information upon using and purchasing content and increased weaknesses in security, it is quite common for individuals to feel comfortable assuming the identity of others simply to protect themselves. For example, the medical database begun under Bush has no meaningful privacy protection. [144] Obtaining care at a pharmacy or minor emergency center that might result in future refusal to insure or personal embarrassment requires a credit card and id in a false name.
L. Jean Camp, M. Eric Johnson, Ari Schwartz

Chapter 12. Closing

The four scenarios show that there are really only two choices: decentralized, often anonymous credentials or ubiquitous identity theft. Within the range of reasonable anonymity there are different choices for breeder, foundational documents. The question is “who are you” in a social paper world becomes “what are your credentials” in a digital networked world. Confusing those questions will create another generation of identity theft with the same convenience of easy credit at the same costs in broken records and hindered lives.
L. Jean Camp, M. Eric Johnson


Weitere Informationen

Premium Partner

BranchenIndex Online

Die B2B-Firmensuche für Industrie und Wirtschaft: Kostenfrei in Firmenprofilen nach Lieferanten, Herstellern, Dienstleistern und Händlern recherchieren.



Best Practices für die Mitarbeiter-Partizipation in der Produktentwicklung

Unternehmen haben das Innovationspotenzial der eigenen Mitarbeiter auch außerhalb der F&E-Abteilung erkannt. Viele Initiativen zur Partizipation scheitern in der Praxis jedoch häufig. Lesen Sie hier  - basierend auf einer qualitativ-explorativen Expertenstudie - mehr über die wesentlichen Problemfelder der mitarbeiterzentrierten Produktentwicklung und profitieren Sie von konkreten Handlungsempfehlungen aus der Praxis.
Jetzt gratis downloaden!