Start-up launches identity-theft search service

A start-up has launched a service that lets people check whether their personal data is being traded online by criminals, but critics say it could be a boon for those same crooks.

The service, dubbed StolenID Search, lets anyone with an Internet connection search a database of more than 2 million credit card and Social Security numbers found in the recesses of the Internet, Redwood City, Calif.-based TrustedID, said Tuesday.

"This is an opportunity for any consumer to find out whether or not their credit card number or Social Security number has been compromised," said Scott Mitic, TrustedID's chief executive. "In many cases, absent this service, there is no way for consumers to find out if their data has been compromised until it is too late."

Using StolenID Search is counterintuitive. Running a search requires the entry of the credit card or Social Security number that is to be checked against the database. This requires trust in TrustedID, a 2-year-old company backed by venture capitalists that is building a business out of identity protection services.

Mitic asserts that without additional information, a credit card or Social Security number is useless. "Just the number has no value unless it comes with your name, billing address, expiration data and security code," he said. "This is probably the only case where I would counsel someone to enter a Social Security number into a Web form."

Playing into the hands of criminals
Done right, experts see value in the new service. However, the way StolenID Search is set up now, it could play into the hands of criminals, they said.

"There is a significant amount of personal information traded in the dark corners of the online world, and companies such as TrustedID could allow the consumer to take appropriate prevention or detection action in response to knowing about this," said James Van Dyke, president of Javelin Strategy & Research, which studies fraud.

Assuming TrustedID can be trusted and its database is comprehensive, it can be valuable, agreed Avivah Litan, an analyst with Gartner. "It fills an important gap consumers have in the tools available to them for fighting identity-theft related fraud," she said.

But, both Van Dyke and Litan said, TrustedID made a mistake in making the database accessible to anyone.

"They can make a terrible problem worse if they freely disseminate information to anyone who asks for it without properly vetting the requestor's identity," Litan said. This could "enable criminal activity," Van Dyke added.

StolenID Search could become a resource for criminals. For example, if a credit card number pops up as compromised on the Stolen ID Search Web site, it will be of lesser value than when it doesn't. TrustedID recognizes this risk.

"It is a scenario that could happen," Mitic said. "We're all best served by our database getting as big as possible so that as many cards are showing as compromised as possible."

To build up its database, TrustedID is asking anyone who stumbles upon identity data online to submit it to the company, Mitic said. One antispyware specialist, Sunbelt Software, is already providing information on potential identity theft victims to TrustedID, Sunbelt's CEO Alex Eckelberry said in a posting on the company's blog.

Ultimately, TrustedID hopes StolenID Search will bring people to its paid services. The company charges $90 a year to put a fraud alert or a freeze on an individual's credit with the three main credit reporting agencies. Placing a fraud alert can be done at no cost by the individual. The cost of placing a freeze on an individual's credit report with the different agencies varies, but is less than TrustedID's fee for performing the same task.

[langmichael]

Seems a bit strange

Ok it's bad enough that there are people out there stealing my personal information. So why would I voluntarily give it up to this company? Who's protecting me from them?

[chuck_whealton]

Am I missing something?

If this company is simply putting things from the Internet into a database, why can't people just search the Internet themselves?

And they charge more for placing fraud alerts with the big three than if the consumer did it themselves?

Is this company adding any value?

Charles R. Whealton
Charles Whealton @ pleasedontspam.com

[Abdul Tawala Ibn Ali Ali]

This is s surrender to the crooks that all you can do is check...

Taking ID and PIN numbers offline and using single use credit card numbers online, now oftenly called virtual cards eliminates the need to check if it is stolen.

I, Abdul Tawala Alishtari, know this because I know the patent for single use credit card numbers is not with Orbiscom as was commonly believed but first with EDI Secure LLLP is now it is with IDPixie LLC.

Its patent number is US 6,598.031 B1 to Mr. Jeffrey Ice, Inventor, for "APPARATUS AND METHOD FOR ROUTING ENCRYPTED TRANSACTION CARD IDENTIFYING DATA THROUGH A PUBLIC TELEPHONE NETWORK" i.e. Internet, phones or any electronic medium in the U. S. of A.

[TrustedID]

TrustedID -- Response on StolenID Search

In the past few days, we?ve seen thousands of people make comments about our StolenID Search service. We appreciate everyone who sees value in the service as well as those who have questions.

We feel that it makes good sense to help address all those questions in one common forum. Please visit our TrustedID blog (link below), as a venue to find answers to your questions/concerns related to our new service.
<a class="jive-link-external" href="http://blog.trustedid.com/?p=311" target="_newWindow">http://blog.trustedid.com/?p=311</a>

[pcrack201]

I know a guy who has been getting money, big money out of no where. He said he works in a construction company but i kno for sure he is doing identity theft and stealing other people's money from there credit card. What can i do so this man can be stopped...Please help..email me lincoln_LION2009@YAHOO.COM

[pplstan92]

Only One suite of services that can protect your ID before, during and after a crime occurs! Pre-Paid Legal and the ID Shield!

Stan Kania
724-840-1876