Measuring Identity Theft at Top Banks (Version 1.5)
Author(s): Chris Jay Hoofnagle
Abstract: There is no reliable way for consumers, regulators, and businesses to assess the relative rates of identity fraud at major financial institutions. This lack of information prevents a consumer market for bank safety from emerging. As part of a multiple strategy approach to obtaining more actionable data on identity theft, the Freedom of Information Act was used to obtain complaint data submitted by victims in 2006 to the Federal Trade Commission. This complaint data identifies the institution where impostors established fraudulent accounts or affected existing accounts in the name of the victim. The data were aggregated and used to create comparative fraud ranks at leading banks. This analysis faces several challenges that are described in the methods section. This version incorporates and is substantially improved by comments provided on version 1.0, released in February 2008 and downloaded over 7,000 times.
Unlike version 1.0, this version provides actionable information to consumers on relative rates of identity theft in 2006. According to the measures in this report, American Express, USAA, and Citibank have the lowest rate of identity theft events among top credit card issuers. Among consumer banks, ING Bank and World Savings Bank performed well under every measure. Correlations were calculated for all the statistics the Federal Deposit Insurance Corporation maintains on top banks; generally the number of identity theft events correlates most strongly with measures of institutions size.
Keywords: privacy, security, identity theft, reporting