When it comes protecting my personal data from others, I’m the most careful guy on the planet.
As an inventor figuring out ways to keep online data safe and secure, I KNOW how bad things are. How easy it is to crack most passwords. How vulnerable and exposed everything from my bank account to my credit cards to my medical records is to prying eyes.
So I follow all of the recommended data security “best practices” to keep my information safe. I use long, random passwords that I never reuse or use on more than one site. I mix up my user IDs. I change my passwords regularly. I don’t log in to my bank account from Starbucks (or other public places).
Even before the Heartbleed bug became famous, I knew better than to trust a supposedly secure “https” connection. And I’m not dumb enough to fall for a “phishing” expedition.
Yet despite all those precautions, over the last few months I received not one, not two, but three notifications that my personal data has been compromised.
“Please begin to use this new credit card because your current card may have been compromised at another company. Thank you for being a loyal customer…”
I didn’t do anything wrong. I kept my credit card physically secure at all times. I did nothing to compromise my card details online. And yet here I was, the victim of a data breach.
For customers who rely on that debit card for most of their financial transactions, that could be a real burden. Eighty bucks doesn’t go as far as it used to.
Once again, there wasn’t anything I did wrong. I took all the proper precautions. I’m not a trusting soul, at least not when it comes to my financial assets. Yet because some business was a victim of fraud – a business that probably failed to take reasonable precautions – my information may have been compromised, and some thief might have access to my credit union account.
As if all of that wasn’t bad enough, a few weeks later I received a letter from the US Attorney in the Northern District of Oklahoma informing me that my personal information was found in the possession of someone who had been arrested in Tulsa. The letter advised me to check my credit reports to try and find out whether the information had been used in a fraudulent way.
Once again, there was nothing I had done wrong. I follow the “state-of-the-art” in what the experts advise for keeping my personal information safe, and it wasn’t enough.
The bank helpfully sent me a 21-page long PowerPoint presentation on the topic of “protecting against and recovering from identity theft.” The advice wasn’t that useful: I already practice all of the recommended procedures for protecting against identity theft.
I also followed the US Attorney’s advice and ordered copies of my credit reports. There’s only one small catch: all three of the credit reporting companies told me to allow up to six weeks for delivery. How much damage could someone with my personal data do in six weeks? A lot.
None of the helpful information I was provided told me how to go about the REAL solution to this problem: get banks and merchants to behave responsibly.
Even if you’ve been lucky and have never had your data hacked (well, you’re probably not that lucky, you just don’t know it yet) data INsecurity is costing you money. The banks and credit card companies that have shelled out money to fraudsters have to recover that money from someone – and that someone is the consumer. You pay for it with higher charges from your banks and credit card companies.
Banks, credit card companies, and online merchants are always two steps behind the bad guys. As reported by Reuters, the “Citadel botnets” managed to make off with half a billion dollars – that’s a cool $500,000,000 – before Microsoft and the FBI started making progress in shutting them down. That’s a big business. Some enterprising hackers provided the hacking software online in kits that sold for $2,400 and up. They even had 24×7 telephone customer support!
PACid has developed technology that could turn things around and put the good guys ahead of the bad guys for a change: our Bolt-on Strong SecurityTM (BoSS) solution.
BoSS technology provides a solution to all of the vulnerabilities in today’s computer systems. And users don’t even have to take all the precautions that I do – the system takes care of it automatically.
Instead of relying on users to create long, difficult-to-crack passwords, BoSS automatically assigns and manages long random passwords that the user never even sees. Instead of waiting for the user to change his or her password, BoSS changes it every time he or she logs in. And once in a link, instead of keeping the same encryption for the duration of the link, BoSS changes it every few minutes.