One step ahead, not two steps behind: the fight to protect our identities

This thesis reviews different types of identity theft and conducts and in-depth review of the threats to our personally identifiable information (PII). There has been an alarming increase in the availability of industry applications that aggregate our PII with the promise of convenience. This paper deeply explores three data aggregators: Google Mobile Wallet, COIN and PayPal Beacon, to understand what they are, potential security implications and how widespread data aggregation may alter the identity landscape as a whole. Discussion of common technologies leveraged by these data aggregators help illustrate the vulnerability of the data consumers are willingly sharing. In an attempt to better understand the crimes that steal and fraudulently use PII, this thesis introduces the ITAP, the Identity Theft Assessment and Prediction tool to illustrate why it is important to study theft and fraud as a business process. The paper presents a small, independent study conducted to emphasize the validly of both the business process ideology and usefulness of the results. Closing thoughts are presented to speculate what the future of identity could look like and how consumers may need to use the information gathered from tools such as the ITAP to shape best practices. The goal is to be two steps ahead instead of one step behind.