Right. Just how many more companies need to lose or have personal data stolen before we get to the point there’s a reasonable chance that x out of y people can no longer use their personal data as unique identifiers, and what exactly is that going to do to the person-not-present industry?
We have circa 100m records missing in action since Sony were breached, an undisclosed amount of data via Epsilon and I wouldn’t be at all surprised if close to a half a billion records (that’s 500k in the UK) have been exposed in total since the Internet began.
Population of the world – 6.9billion. 1 billion unfortunately live in poverty, so let’s just say 5-6 billion people in the world might have Internet access.
4 billion of those are probably happy buying things online, so in my warped way of thinking, one in eight individuals unknowingly have some form of their personal data in the criminal domain.
So if companies cannot reliably identify individuals as being whom they say they are, with a 1 in 8 chance it could be stolen data, then where does this leave us?
If we can no longer rely on name, address, password (think re-use attacks) credit card number or email address as identifiers then just how is the world supposed to do business, and are we teetering on the brink of a mega-breach where online electronic identities are worthless?
Just a thought…. enjoy!