Group Fights Online ID Theft

Microsoft Corp., RSA Security Inc., eBay Inc., and others formed an organization to fight online identity theft.

Microsoft Corp., RSA Security Inc., eBay Inc., and several other technology companies and groups last week formed an organization to fight online identity theft.

Known as the Coalition on Online Identity Theft, the nascent group plans to use a four-part strategy to help consumers and businesses counter the growing problem of online identity theft. The announcement of the groups formation comes more than a year after officials at the Information Technology Association of America, a powerful technology trade group in Arlington, Va., called for such a coalition. The ITAA will serve as the coalitions secretariat.

Identity theft, which involves a criminal using available personal information to assume the identity of someone else to access bank accounts or make purchases, has been a flourishing industry in the offline world for decades. But the advent of the World Wide Web and e-commerce brought about fundamental changes in the way that consumers handled their credit card and Social Security numbers and other private information.

Anyone who has bought anything online has surrendered a good deal of personally identifiable information. That data is what identity thieves crave, and theyre not having much trouble getting it. The Federal Trade Commission received about 117,000 complaints about identity theft in 2001. That number jumped to nearly 300,000 last year.

Recently, online scammers have turned to sending realistic-looking e-mail purporting to be from companies such as eBay, its PayPal subsidiary and Citibank FSB. The pleas in the messages vary, but the intent is the same: to have the recipient visit a malicious Web site and enter sensitive information such as debit card numbers, PINs or bank account numbers.

"Industry needs to step up and protect peoples privacy and identity," said Brett Michaels, director of government affairs at RSA Security, in Bedford, Mass. "We need to pull back from the concern over security in individual applications and find out how we can deploy a wrapper around the whole infrastructure."

To help stem this tide, the coalition, which also includes Inc., VeriSign Inc., Zone Labs Inc., the Business Software Alliance, Network Associates Inc.s McAfee Security division, Whole Security Inc. and Cyveillance Inc., plans to use public education initiatives, as well as technological and self-help approaches.