A few decades ago identity theft emerged as a headline news-making crime. At that time, law enforcement agencies struggled with how to find a criminal who used someone else’s identity, and then with how to charge someone with the crime.
Things like check washing and dumpster diving for discarded mail with personal information were pretty standard methods of stealing someone’s identity. But there’s a new component in the identity theft battle, one that stands to become a $34 billion industry in the next few years: mobile identities.
Your mobile identity is contained on your mobile device, specifically on the device’s tiny SIM card. Through things like digital signatures and online authentication, your phone can serve as a legally binding piece of identification at the airport gate, make a payment on your behalf, pay for and download digital content with your permission, share your health information with emergency medical personnel, and more.
As such, mobile identities are becoming a hot commodity among identity thieves and scammers. The recent rise in “phone porting scams” demonstrates that clearly. By gaining access to your cellphone number and a few pieces of information, a thief can pose as you at a cellular service provider. They request a phone upgrade, and your phone number is transferred to another mobile device without your knowledge. Once they have a working phone with your phone number, they download all of your apps and accounts to their new phone, including your email account, your mobile wallet, your peer-to-peer payment apps, and more.
The mobile communications sector is already at work on securing mobile identities and understanding the various crimes that can result from fraudulent use of mobile identities. For the most part, mobile identity security is out of individuals’ hands and is instead up to communications networks and payment authenticators to handle. But that doesn’t mean you can’t take proactive steps to keep someone from gaining access to your mobile identity through your physical device.
For individual consumers, it’s important to understand what this technology means; your identity—from your personal information to your physical location—is wrapped up inside a device that you carry with you each day, and it’s important to protect your data. Logging out of apps that you don’t use and blocking apps from running in the background are a good start, as is securing all of your apps and your device’s operating system with strong, unique passwords. Even if someone ports your phone number onto a new device, they would have to be able to use your app provider and operating system (your Apple ID or your Google Play password, for example) to gain access to your other accounts. Lock everything up tight with a strong password, and passcode the device itself to keep others out.