skip to Main Content

The Equifax Scandal and the Need for a New Identification System

The Equifax Scandal and the Need for a New Identification System
By Todd Strandberg

Last month, Equifax announced that it had suffered a cyber-security breach; where cybercriminals accessed approximately 145.5 million U.S. Equifax consumers’ personal data. I didn’t think much about the breach until a couple of weeks later, when my online bank had a huge banner warning that I was one of the Equifax consumers.

If someone had asked me who is Equifax, my best guess would be that it is some antiquated company that makes Fax machines. It turns out that Equifax is one of the largest consumer credit-reporting agencies in the world. It tracks credit history on over 800 million individual consumers and more than 88 million businesses worldwide. Experian and TransUnion are the two other firms in the trinity of credit management, and they both have around 200 million consumers.

The CEO of Equifax, Richard Smith, was called before two House and Senate Committees to explain why his firm had suffered such a huge data breach. While lawmakers were chewing out Smith, the IRS was in the process of awarding Equifax with a non-bid contract to help validate the identity of taxpayers communicating with the agency, on the telephone or through its website. Just as large banks are too big to fail, big credit is too big to assail.

I read in the news reports that Equifax, Experian, and TransUnion are required by law to give everyone a free credit report once a year. I was wondering if there was a Nigerian version of myself, who might be flying to the Swiss Alps for wild shopping sprees in the finest stores in Zürich and Bern. It turns out that I died around 2009. My current consumer statements all show zero activity. The last three credit cards issued to me expired without use.

I don’t connect well with the $65 trillion credit that people have built up. For me, going out on the town involves a trip to Texas Roadhouse; which has to be limited to once or twice a month because of my cholesterol. My biggest consumer purchase of the year was a $250 comforter from Macy’s.

There have been many credit breaches in recent years. In 2013, hackers got into the Target Corp’s financial database and compromised at least 40 million cards. In 2014, Home Depot had a major breach affecting people who used payment cards on its self-checkout terminals. Just last week, the fast food giant, Sonic, said that credit and debit card numbers may have been acquired as part of a malware attack at some Sonic locations. The company did not disclose which locations or the specific time frame of the incident.

I don’t understand the complexities of how credit card information is stolen. I do know that the basic problem is because of two factors: speed and the modern ability to store vast amounts of information. In the early days of the internet, it would take those cybercriminals several years to transmit the records of 154 million consumers, and they would need a truckload of floppy disks to store all that data. Today, you can transfer the Social Security numbers of every American in a few minutes, and they would all fit on a single thumb drive.

The Equifax scandal has Washington questioning the security of our ID system. The Wall Street Journal and Bloomberg news both reported that the Trump administration is exploring ways to replace the Social Security number with a safer system, based on modern technology. Rob Joyce, the White House’s cybersecurity coordinator, said that one possibility is using cryptographic keys, or a combination of long random numbers, to unlock personal data. The merit of such numbers is that they could be revoked once they are found to be compromised, he explained.

If you issued an ID code that is 50 places long, there is obviously no way for you to remember this sequence of characters. The shortfall of a cryptographic key is needing to track who is receiving your information in a transaction. To maintain security, a central system will need to track and issue a new cryptographic key every time a person creates a new transaction.

The key can make the transmitting of data safe, but it needs to be placed in a safe location. The human body seems to be the only logical choice. The amazing prediction made 2,000 years ago is rapidly becoming a necessity.

“And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads: And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name. Here is wisdom. Let him that hath understanding count the number of the beast: for it is the number of a man; and his number is Six hundred threescore and six” (Revelation 13:16-18).

– Todd

Original Article

Back To Top