I've never talked about this with anyone who knows the industry so it may be stupid in some obvious way, but I would gladly accept the inconvenience of having to go to my bank in person, carrying official ID, when opening lines of credit, if it would make the whole process secure. Banks could serve the process of relatively slow but reliable authentication for specific financial transactions, and communicate those authorizations to each other. Individuals who need more flexibility could opt out or do something more complicated, at the cost of some risk.
There's some cost to this, but I still suspect quite a few people would accept it.
My information was used to open a fraudulent mortgage loan, then when I asked my bank to not allow opening credit lines or transfers online was told "we can't do that!"
Thats how traditional banks work. You walk in Chase with your government ID to open up an account. It doesn't work. You can get high quality forgeries of government IDs made in China and there's no public DB to verify information on the card. RealID requirement for states to open up their driver license DBs only applies to government agencies(eg: TSA).
Also would you want to go in person to signup for paypal, venmo, etrade, betterment etc?
> Also would you want to go in person to signup for paypal, venmo, etrade, betterment etc?
Honestly, maybe that wouldn't be such a bad idea. A well-designed system would probably wind up contracting the post office for ID verification for online services (since in my country at least, they do a pile of random related stuff).
1. The bank should capture the ID you used the first time you entered and do comparisons. They should also capture your ID when you come in again. This will raise the difficulty of impersonating you and the risk the criminal takes.
2. One thing I didn't think to say, because my bank only exists in North Carolina: geography should matter. If you live in a particular city, opening an account from another state should be seen as suspicious, and merit greater checks. This is the kind of thing some people should be able to relax, but it's probably a good default for most of us.
3. Should I have to go to my bank for PayPal, Venmo, Betterment, eTrade, etc? Those cases don't all sound the same to me. But here's what I'd consider: how often is a person going to need to do this, and does the activity involve requesting credit? We've currently optimized almost exclusively for convenience at the expense of security. I'm proposing that we shift that balance a bit.
This is basically what Vanguard does if they get suspicious about your account security. Basically you have to show up at a notary with photo ID and get a form notarized.
It's probably not hard to forge a social security card and birth certificate if you have the relevant information. From there, a state ID (or maybe even passport) should be possible to get. I don't believe there is any biometric security on either. A determined identity thief might go that far.
This is the old "because a solution is not 100% effective, it's not good" chestnut. This solution would cut down on the theft by over 90%, I'd venture, probably more like 98%. There is huge difference between perpetrating a crime from the safety of a computer and physically walking into a bank to commit it.
$16 billion was stolen from 15.4 million U.S. consumers in 2016, compared with $15.3 billion and 13.1 million victims a year earlier. In the past six years identity thieves have stolen over $107 billion.
The thief would have to physically resemble the victim's photo, height, age, gender, etc, which is some added defense in depth. For instance it would be hard for most males to pass themselves off as a typical female.
> The thief would have to physically resemble the victim's photo
Why? Show up to a government station with your birth certificate, SSN, some telephone and utility bills, and they'll take the thiefs picture and put it on an identity card with your name on it.
That sounds incredibly bad for a first-world country. If that was the case, I'd argue that the entire country is in collapse. As you then have no control over foreigners impersonating locals and manipulating something as serious as elections, never-mind bank-fraud.
Edit: Point being, this needs to be fixed ASAP if you are to move your country into the future. Fix the regulatory/state hurdles that prevent it from happening, and get yourselves National Identification that's secure. Things will flow positively from there.
They don't use the SSN to check for prior IDs issued by other states and/or the Feds, and compare the applicant's photo/gender/age/height/eye color, etc to them first?
About twenty five years ago a bank allowed someone to cash checks with my name on them with all the correct account info on them as well, but was a different race and gender than I am (the banks had video of the customer). They did this about a dozen times for checks for what I assume was just under the amount that would flag it (about $2000) to empty my account over the course of about an hour, using different drive throughs at different branches in Houston, I lived in Austin at the time and had never visited a branch in Houston.
There's some cost to this, but I still suspect quite a few people would accept it.