Feeds

DIY fingerprint idea thwarts ID thieves

Thumbs up

  • alert
  • submit to reddit

Internet Security Threat Report 2014

The Home Office is touting ID cards as a solution to ID theft in today's Queen's Speech but a Yorkshire man has taken matters into his own hands. Jamie Jameson, a civil servant from Scarborough in North Yorkshire, insists that credit can only be extended in his name on production of a thumbprint.

Jameson hit on the idea of writing to the UK's three main credit reference agencies - Equifax, Experian and Call Credit - and requesting that they put a 'Notice of Correction' on his file stating that a print must be offered with applications for loans or credit cards issued in his name. At the same time he submitted his fingerprint.

This Notice of Correction of the first thing a prospective lender will see when it calls up his records. Normally this facility provides a way for individuals to explain why they have a county court judgement against their name or other qualifications to their credit history. Jameson is using it to do a cheap security check.

Although uncommon in the UK, thumbprints are often used as an audit mechanism for people cashing cheques in US banks. A similar scheme was trialled in Wales. Jameson takes a little ink pad similar to that used in US banks around with him all the time just in case he might need it.

If an application for credit is accepted without a thumbprint - against Jameson's express instructions - then he will not be liable for losses. If a would-be fraudster gives a false print on an application then it makes it easier for them to be traced by the police. "Lenders don’t have to match prints. Using prints just establishes an audit trail if anything goes wrong," Jameson explained. "It's not so much me proving who I am as preventing someone else being me."

Jameson has been using the idea successfully for over a year. He concedes that the scheme isn't foolproof and that it's possible to fake fingerprints ("nothing’s perfect," as he puts it). As far as Jameson knows he's the only person who's using the technique in the UK. The scheme delays the issuing of credit, which could be a problem with people who apply for multiple accounts but this is a minor inconvenience for Jameson. "This is driven by the individual so there are no data protection issues. It's a real deterrent to ID theft," he told El Reg. ®

Related stories

World's largest ID theft felon faces 14 years' jail
Gov.uk launches anti-fraud website
ID cards to use 'key database' of personal info
Boffins test voice-activated secure credit card
Fingerprints as ID - good, bad, ugly?
Fraudsters prey on apathetic Brits
UK ID theft gang jailed for £350K fraud
Biometric sensors beaten senseless in tests
Gummi bears defeat fingerprint sensors

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.