2007 Identity Fraud Survey Report— Consumer Version

Telephone: 925.225.9100

Fax: 925.225.9101

Address: 4309 Hacienda Dr., Suite 380 Pleasanton, CA 94588

E-mail: [email protected]

Web site: www.javelinstrategy.com

2007 Identity Fraud Survey Report— Consumer Version

How Consumers Can Protect Themselves

February 2007

Page i Copyright 2007 Javelin Strategy & Research. All rights reserved. This report is protected by copyright and other intellec-tual property laws. You may display or print the content available for your use only. You may not sell, publish, distribute, re-transmit or otherwise provide access to the content of this report without permission.

.

2007 Identity Fraud Report—Consumer Version How Consumers Can Protect Themselves

2007 Identity Fraud Survey Report—Consumer Version How Consumers Can Protect Themselves (Abbreviated Version) The Javelin 2007 Identity Fraud Survey Report: Consumer Version provides guidelines for consumers to help prevent, detect and resolve identity fraud. Over the last three years, Javelin has surveyed over 25,000 adults in order to find out the actual ways con-sumers are being affected by identity fraud in the United States. This year’s phone sur-vey of over 5,000 adults is the largest, most up-to-date study of identity fraud in the US. Our recommendations for consumers are solidly based upon the results of this thorough research and are backed by accurate and careful analysis of the data.

For institutions desiring to view the complete version of this research study, the 2007 Identity Fraud Survey Report (66 pages) is available for purchase.

Author: Rachel Kim, Research Associate

Contributors: Mary T. Monahan, Editor and Analyst

Bruce Cundiff, Senior Analyst

James Van Dyke, President and Founder

Research: Stephen Matava-Knighten, Research Associate

Don Phan, Senior Analyst

Publication Date: February, 2007

This survey was made possible, in part, by CheckFree Corporation, Wells Fargo Bank and Visa USA. Sponsors partially underwrite Javelin’s cost of data collection, analysis and reporting in return for having their organization cited in the release of the study. Javelin retains complete independence of data analysis and reporting and the following report has been created solely by Javelin employees.

About Javelin Javelin is the leading provider of independent, industry-specific, quantitative research and strategic direction for payments and financial services initiatives. Javelin conducts rigorous research and analysis to create successful strategies related to financial institutions, payments firms, technology vendors, merchants and billers, regulators and other policy-makers, associations, and consumer or business end-users.

Page ii Copyright 2007 Javelin Strategy & Research. All rights reserved. This report is protected by copyright and other intellec-tual property laws. You may display or print the content available for your use only. You may not sell, publish, distribute, re-transmit or otherwise provide access to the content of this report without permission.

.


Table of Contents

Getting a Full Copy of the Identity Fraud Survey Report ....................................................... iii Overview ......................................................................................................................................1 What Are Identity Theft and Identity Fraud? ............................................................................2 How Does Identity Theft Happen?.............................................................................................2 Who Commits Identity Fraud? ...................................................................................................3 Prevention....................................................................................................................................4 How Can I Prevent Identity Fraud?............................................................................................4 Detection......................................................................................................................................6 How Can I Detect Identity Fraud?..............................................................................................6 Resolution....................................................................................................................................7 What Should I Do if I Become a Victim of Identity Theft or Fraud?........................................7 2007 Identity Fraud Focus: Young Adults ................................................................................8 2007 Identity Fraud Focus: Low Income Individuals ...............................................................8 Where Can I Go to Get More Information? ...............................................................................9 2007 Identity Fraud Report: Preview ........................................................................................9 Common Fraud Scams and Terms..........................................................................................10 Methodology..............................................................................................................................14 Table of Charts

Figure 1 Javelin’s Prevention, Detection and Resolution Model............................................1

Figure 2 Who Is the Most Common Fraud Operator?..............................................................3

Figure 3 Prevention Tips ............................................................................................................4

Figure 4 The Longer it Takes to Detect Fraud, the Higher the Cost.......................................6

Figure 5 How to Contact the Three Credit Bureaus.................................................................9

Figure 6 Numbers of Victims before Weighting by Year .......................................................14

Figure 7 Mean Dollar Value of Misappropriated Funds .........................................................16

Figure 8 Three-Year Averaging of Fraud Amounts................................................................17

Page iii Copyright 2007 Javelin Strategy & Research. All rights reserved. This report is protected by copyright and other intellec-tual property laws. You may display or print the content available for your use only. You may not sell, publish, distribute, re-transmit or otherwise provide access to the content of this report without permission.

.


Getting a Full Copy of the Identity Fraud Report If you are a business or industry professional looking for more detailed statistics, incidence rates and fraud figures from our 2007 Identity Fraud Survey please reference the full report titled

2007 Identity Fraud Survey Report: Identity Fraud Is Dropping, Continued Vigilance Necessary

The full report consists of 66 pages with 40 graphs and tables and can be accessed for purchase on the research page of our Web site at www.javelinstrategy.com/research, or by calling a sales representative at (925) 225-9100 ext. 26. This Consumer Version was intended for the sole purpose of consumer educa-tion and awareness. Javelin recommends purchasing the full report for a complete overview of the key findings, analysis, new trends, and overall benchmarking of identity fraud in the US.

Copyright 2007 Javelin Strategy & Research. All rights reserved. This report is protected by copyright and other intellectual property laws. You may display or print the content available for your use only. You may not sell, publish, distribute, re-transmit or otherwise provide access to the content of this report without permission.


Overview

In the last year, 8.4 million Americans became the victims of identity fraud, half a million fewer victims than the year before. The total fraud amount dropped 12%, from $55.7 billion to $49.3 billion.1 While efforts are showing signs of success, consumers and their financial institutions must continue to work together aggressively to fight back against this serious crime. In the last year, the average victim of an existing account fraud paid $587 out-of-pocket in consumer costs. If the thief opened a new account in the victim’s name, the average consumer had to pay $617.

The Javelin 2007 Identity Fraud Survey Report: Consumer Version provides guidelines for con-sumers to help prevent, detect and resolve identity fraud. Over the last three years, Javelin has surveyed over 25,000 adults in order to find out how consumers are being affected by identity fraud. This year’s phone survey of over 5,000 adults is the largest, most up-to-date study of identity fraud in the US. Our recommendations for consumers are solidly based upon the results of this thorough research and are backed by accurate and careful analysis of the data.

Prevent, Detect, and Resolve

Figure 1 Javelin’s Prevention, Detection and Resolution Model

1 Differences in percentage change due to rounding effect. Actual numbers were used to calculate change.

New Account Fraud

Existing Account Fraud

Prevention

How it works:

Stops identity theft at the

source; prevent-ing unauthorized material harm to private data. If an identity theft has occurred, these methods thwart

the criminal’s use of private infor-mation to obtain

funds

Detection

How it works:

Detection of fraudulent activ-

ity occurs through company monitoring sys-tems, consumer alerts, account monitoring, re-viewing credit

reports and other methods for iden-

tifying unusual activity

Resolution

How it works:

After identity fraud has oc-

curred, consum-ers and providers

use these ser-vices and tools

for restoration of accounts and

credit worthiness

© 2007 Javelin Strategy & Research

Average Victim Costs: $617

Average Victim Costs: $587



What Are Identity Theft and Identity Fraud?

Identity theft happens when someone gains access to your personal data without your permis-sion. Identity fraud occurs when the criminal takes that personal information and misuses it for financial gain. Identifying information such as your Social Security number, bank or credit card account numbers, passwords, telephone calling card number, birth date, name, address and so on can be used by criminals to profit at your expense. With the right information, a criminal can take over your identity to take out loans in your name, withdraw funds from your accounts, rack up credit card and phone charges, and damage your credit rating.

How Does Identity Theft Happen?

Javelin research has found that, contrary to many expectations, identity thefts happen in the physical world and not just through the Internet or data breaches. In fact, your chances of suffer-ing identity fraud from a lost or stolen wallet are more than three times greater than your chances of suffering fraud from an Internet hacker, according to the 42% of victims who knew how their information was accessed.

Your personal or financial information can be stolen in a variety of ways:

• Through a lost or stolen wallet, checkbook or credit card

• From a criminal changing the address on an account

• Through information stolen in your own home, including by friends, relatives, and in-home employees

• By someone who e-mails, calls, or text messages you, pretending to be a bank or other trusted source to get you to divulge private information

• By hacking, viruses, and spyware on a computer or ATM machine

• By a data breach at a retailer, school, bank, hospital or any agency that main-tains access to your private information

• By a corrupt business employee who has access to your records

• Through eavesdropping by a criminal while you conduct a public transaction (“shoulder surfing”)

• Through mail theft from an unlocked mailbox

• From a trash can, a method known as “dumpster diving”

• Through new and different methods that criminals are continually developing

Because theft can be committed through so many methods, consumers are advised to put into practice a variety of the most effective measures to protect themselves.



Who Commits Identity Fraud?

Figure 2 Who Is the Most Common Fraud Operator?

(Based on the 31% of Victims Who Knew the Perpetrator’s Identity)

53%

2%

45%Someone who isfamiliar to youSomeone using theInternetOther

Q21: Was the person who stole your personal information…

n = 144Base: Victims who know the identity of the perpetrator


Contrary to what most consumers believe, in cases where the thief is found out, over half of the time the fraud operator turns out to be a coworker, neighbor, in-home employee, friend or family member. While some fraud is unavoidable, it is important to practice safe habits even in our own homes, for example, by not leaving sensitive financial information out where a new roommate can easily view it.



Prevention How Can I Prevent Identity Fraud?

Figure 3 Prevention Tips

Secure Your Personal Information!

To Prevent Criminals from Stealing Your Identity…

-PINs, Passwords, SSN -Sensitive Personal Information-Computer, PDA, Mobile Phone-Credit Cards, Debit Cards, IDs -Invoices, Statements, Checks-Incoming/Outgoing Paper Mail


Top 10 Tips While it is impossible to totally prevent identity fraud, it is possible to greatly reduce your risk of becoming a fraud victim. The drop in the number of fraud victims (500,000 less) and fraud dollar amounts ($6.4 billion decrease) last year testify to the fact that fraud prevention methods work.

1) Only carry credit, debit and identification cards that you use, and do not carry your Social Security number. Lock personal information, sensitive documents, check-books, credit cards, etc. in a secure place.

2) Replace paper invoices, statements and checks with electronic versions, if offered by your employer, bank, utility or merchant. Sign up for automatic payroll deposits.

3) Protect your accounts (banking, utility, merchant, etc.) by adding PINs and passwords to them.

a. Select difficult to deduce PINs and passwords, mixing numbers with letters.



b. Do not use easily known information for your PIN or password, e.g. birth-date, maiden name, etc.

c. Secure PINS and passwords, even inside your home, do not share them, and change them frequently.

4) Never provide personal information unless you initiate the contact. Do not click on a link to a Web site when responding to e-mails or text messages. Do not respond to automated phone messages prompting you call a number to resolve a bank account is-sue, or to e-mails that ask you to contact a number. Instead, use contact addresses, sites or phone numbers that you can verify are legitimate.

5) Install and regularly update firewall, anti-spyware, anti-virus and browser security software if you have a home computer. If you use public computers, ensure that they are equipped with the appropriate security software. When shopping online, make sure you are doing business with a reputable firm. The business should display an approved security symbol and the transaction should be conducted on an encrypted site.

6) Secure your sensitive mobile data whether it is stored on a laptop, PDA or phone. Use encryption software if there is any chance the data may be exposed to theft.

7) Be cautious of solicitations asking for fees in advance. These usually come in the form of guaranteed loans or credit cards despite bad credit history. Remember, if it sounds too good to be true, it often is. Verify the identity of the organization through a legitimate source (such as the Better Business Bureau) before sending any payment. To opt-out of unsolicited credit and insurance offers, call 1-888-5-OPTOUT (1-888-567-8688).

8) Shred all sensitive documents prior to disposal. Destroy all sensitive digital data when disposing of old computers, PDAs (personal data assistants) and phones.

9) Use a secure mail box for incoming or outgoing mail. If your home mailbox is not secure, consider receiving your mail at work or renting a mail box at the US Post Office. Place outgoing mail (especially if it contains sensitive documents, such as checks, etc.) in a secure US Postal Service mailbox.

10) Be aware of your surroundings when transacting in public. Cover your keypad and any screens that display sensitive data.



Detection Figure 4 The Longer it Takes to Detect Fraud, the Higher the Cost

Less than one day

One week to less than one month

1 to 11 months 1 year or more

FRAUD DETECTION TIME

Costs to the Consumer

Q19: From the time the misuse of your information first began, how long did it take you to discover it had been misused? by Q30. What is the approximate total dollar value of what the person obtained while misusing your information?

n = 458Base: All fraud victims


Less than one day

One week to less than one month

1 to 11 months 1 year or more

FRAUD DETECTION TIME

Costs to the Consumer

Q19: From the time the misuse of your information first began, how long did it take you to discover it had been misused? by Q30. What is the approximate total dollar value of what the person obtained while misusing your information?



How Can I Detect Identity Fraud? Javelin research has consistently shown that consumers are the best detectors of identity fraud, though the most effective crime fighting is done when financial institutions and consumers part-ner together to stop fraud.

1) Monitor your bank and credit card activity regularly. Check your account balances weekly through the Internet, phone or ATM. Confirm that all transactions are authorized. (This is also one of the best ways to prevent identity fraud.)

2) Use e-mail or telephone alerts to monitor address changes, transfers, payments, low balances and withdrawals if this service is offered by your bank. Check your e-mail fre-quently.

3) Watch for statements, checks, and new or renewed credit or debit cards.

4) Review your credit information regularly. Free reports are available at www.annualcreditreport.com or by calling 1-877-322-8228. Stagger your free credit re-ports with each of the three credit bureaus to receive a free report every four months. Confirm that all accounts listed are yours.

5) Consider signing up for a credit monitoring service. For the best protection, make sure the service monitors all three credit bureaus.



Resolution

What Should I Do if I Become a Victim of Identity Theft or Fraud? First of all, don’t panic. Financial institutions have been working to make fraud resolution faster and easier; in fact, resolution times have dropped by more than one-third over the last year. There are a few simple steps that consumers can take to quickly resolve their fraud issues.

1) Contact your bank, credit card company or merchant immediately, by phone and in writing, if you think you might be a victim of identity theft or fraud, if your checkbook, wal-let or debit/credit cards are lost or stolen or if you fail to receive statements, invoices or new or renewed credit/debit cards. Notify your financial providers at once if any existing accounts were misused.

2) Close any accounts that may have been compromised. Closing accounts without de-lay will help to minimize fraud losses.

3) Ask your financial provider about their fraud resolution teams and their zero-liability guarantees against fraud to help you resolve and recover from any potential losses.

4) Place a credit alert at any one of the three credit bureaus (Equifax, Experian and TransUnion) and get a copy of your credit report at.annualcreditreport.com. The bureau you notify is required by law to notify the other two agencies. Credit alerts notify potential creditors that there is a problem with your account. An initial fraud alert will stay in place for 90 days. During this time you can also sign up for an extended fraud victim alert which will stay in place for seven years.

5) Be informed of your data breach notification rights, which vary by state. In certain states, you must be notified whenever a data breach occurs and the decision of when and if to notify should not be left up to a company. Notices should include what informa-tion was stolen and a number to call for additional information.

6) Consider placing a credit freeze, if your information has been compromised. This will completely stop your credit report from being shared with anyone. Currently twelve se-lect states allow credit freezes, so check to see if you qualify for coverage (free in some states).

7) File a report with your local police where the identity theft took place. Get a copy of the police report for your records.

8) Notify the Federal Trade Commission at 877-438-4338 or online at http://www.ftc.gov/bcp/edu/microsites/idtheft//

9) Consider signing up for a credit monitoring service. For the best protection, make sure the service monitors all three credit bureaus.



2007 Identity Fraud Focus: Young Adults

Based on 2007 survey data, Javelin finds that young adults (18-24) suffer higher rates of identity fraud than any other age group. Surprisingly, younger victim are almost twice as likely as other age groups to be victimized by people they know—such as friends, roommates and neighbors. This means that young people must be extra vigilant about protecting their private financial data inside their homes.

Young adult victims (18-24) are the least likely of any age group to turn off paper statements, least likely to be using anti-virus, anti-spyware software or firewalls, and the least likely to prac-tice shredding of their financial information before disposal.

Among the consumer recommendations young adults should be especially observant of the fol-lowing guidelines:

• Turn off paper statements and use electronic versions for transactions, whether paying bills, viewing statements or monitoring accounts. Javelin has found electronic monitoring of accounts cuts down on identity fraud.

• Regularly use and update a firewall and anti-malware for your personal computer. Any-one using the Internet needs to put these needed safety features in place.

• Properly dispose of sensitive documents by shredding them.

By engaging in these basic precautions, young adults can be more successful in protecting themselves against fraud.

2007 Identity Fraud Focus: Low Income Individuals

Despite being the least likely group to experience fraud, the lowest income individuals (under $15K) still suffered from the longest misuse periods, most prolonged detection times and lengthiest resolution times. Javelin determined that compared to higher income groups, a sig-nificantly lower percentage of lower income individuals with Internet access utilize online bank-ing services, anti-malware or online bank bill pay, even though the data clearly shows these methods, used properly, reduce fraud. Among those low-income individuals who have been vic-tims of identity fraud, the majority decide to significantly limit online activity out of fear of being victimized again. Low income online consumers should focus on the following action steps:

• Replace paper invoices, statements and checks with electronic versions, if offered by your employer, bank, utility or merchant. Regularly monitor your accounts.

• Install and regularly update firewall, anti-spyware, anti-virus and browser security soft-ware on your home computer.



Where Can I Go to Get More Information? There are a number of places to get more information. Javelin has used the results of its study to create an easy-to-use safety quiz and a list of recommended tips which can be accessed at:

• www.IDSafety.net

The 2007 Identity Fraud Report’s co-sponsors (CheckFree, Visa and Wells Fargo) also offer safety recommendations:

• CheckFree Corporation www.checkfree.com/idprotect

• Visa Corporation www.visa.com/security

• Wells Fargo www.wellsfargo.com/privacy_security/fraud

Figure 5 How to Contact the Three Credit Bureaus

Credit Bureau: Equifax Experian Transunion

Order Credit Report

800-685-1111 888-397-3742

800-888-4213

Report Fraud 888-766-0008 888-397-3742 800-680-7289

Web Address www.equifax.com www.experian.com www.transunion.com

Mailing Address Equifax Consumer Fraud Division P.O. Box 740241 Atlanta, GA 30374

Experian Consumer Assistance 475 Anton Blvd. Costa Mesa, CA 92626

Transunion Victim As-sistance Dept. P.O. Box 6790 Fullerton, CA 92834


2007 Identity Fraud Report: Preview

The complete Javelin 2007 Identity Fraud Survey Report: Identity Fraud Is Dropping, Continued Vigilance (over 60 pages long with 40 graphs and tables) is available for purchase at our Web site at www.javelinstrategy.com/research/. The full report provides a detailed, comprehensive analysis of identity fraud in the United States, in order to help consumers and businesses better understand the effectiveness of methods used for its prevention, detection and resolution. This report is issued as a longitudinal update to the Javelin 2006 Identity Fraud Survey Report, the Javelin 2005 Identity Fraud Survey Report and the Federal Trade Commission’s (FTC) 2003 Identity Theft Survey Report.

Copyright 2007 Javelin Strategy & Research. All rights reserved. This report is protected by copyright and other intellectual prop-erty laws. You may display or print the content available for your use only. You may not sell, publish, distribute, re-transmit or otherwise pro-vide access to the content of this report without permission.


Common Fraud Scams and Terms

To clarify common fraud scams and terminology, definitions are provided below.

Javelin uses identity fraud as the term to describe the crime discussed in this report. Because this report’s underlying survey was based on interviews with individuals who were the victims of fraud committed using at least some portion of their personal information, it will not include other categories of crime such as synthetic identity fraud, which is based upon a wholly fictitious iden-tity. However, Javelin believes that many identity frauds do contain a mixture of true and syn-thetic components and these frauds are included in this report.

To clarify the usage of common terms by Javelin, definitions are provided below.

Account takeover fraud a method of identity fraud, where a fraud operator attempts to gain access to a consumer account by fraudulently adding his/her information to the ac-count; changing the mailing address or making other alterations

Advanced fee fraud any scam that, during its course, requires advanced fees to be paid by the victim. Usually, these fees are explained by the criminals to be processing fees, bribes, finding fees, etc.

Consumer cost the out-of-pocket costs incurred by the victim in or-der to resolve a fraud case. These include: post-age, copying, notarizing documents, legal fees, and may also include payment of any fraudulent debts in order to avoid further problems

Credit freeze a security freeze that is placed on a consumer’s credit file to prevent the file from being shared with anyone, thus forestalling new accounts from being opened in the consumer’s name

Data breach the unauthorized disclosure of information that compromises the security, privacy, or integrity of personally identifiable data.

Existing Card Accounts fraud identity fraud perpetrated using existing credit or debit cards and/or their account numbers



Existing Non-Card Accounts fraud identity fraud perpetrated using existing checking

and savings accounts, and existing loans, insur-ance, telephone, and utilities accounts

Fraud amount the total amount of funds that the fraud operator ob-tained or tried to obtain illegally. These may result in actual losses to various businesses and organi-zations (and in some cases to the consumer). These may also be funds that are either recovered or the loss is avoided due to preventive measures adopted by the businesses

Identity fraud the unauthorized use of some portion of another’s personal information to achieve illicit financial gain. Identity fraud can occur without identity theft. For example, it can occur with relatives who are given access to personal information or by the use of randomly generated payment card numbers.

Identity theft the unauthorized access to personal information. Identity theft can occur without identity fraud. For example, it can occur with large scale data breaches

Interactive financial messaging two-way messaging between FIs and their custom-ers, including alerts for consumer-directed prohibi-tions

Mutual authentication a method by which both the FI and the customer can identify each other, for example, by providing and identifying shared secrets.

Man-in-the-middle (MITM) an attack in which an perpetrator is able to read, in-sert and modify at will, messages between two par-ties without either party knowing that the link be-tween them has been compromised

New Accounts and Other frauds identity fraud perpetrated by using the victim's per-sonal information to open fraudulent new accounts

Non-identity fraud direct misrepresentation by a fraudulent merchant, investment firm, charity or other organization that results in financial loss to the consumer

Phishing the method of "fishing" for Internet users’ pass-words, financial or personal information by luring



them to a fake Web site through an authentic-looking e-mail that impersonates the victim’s finan-cial institution

Pretexting the collection of information about an individual un-der false pretenses (the “pretext”), usually done over the phone, such as calling a bank while posing as a customer to find out personal information.

Smishing a version of phishing sent by SMS messaging (text messaging) which sends a cell phone message that directs victims to a Web site that downloads mali-cious spyware (Trojan horse) onto the victim’s cell phone or computer.

Synthetic identity fraud a completely fictitious identity created in order to defraud an organization. To be considered “syn-thetic identity fraud,” all consumer information must be fictitious. (Usually at least one part of the identity in an identity fraud is based upon actual consumer information, for example, a real name or real Social Security number, and these cases are not consid-ered “synthetic identity fraud” because a consumer victim is involved.)

Trojan horse a program that appears to be a useful file (i.e., a music file) or software upgrade from a legitimate source, tricking the victim into opening it. Once ac-tivated, the Trojan horse allows intruders to access private information.

True name fraud see identity fraud

Vishing a version of phishing that uses a combination of e-mail and the telephone, or just telephone; the victim is urged to resolve an account issue by a criminal posing as a financial institution, and is thereby prompted to provide personal information



Methodology The Javelin 2007 Identity Fraud Survey Report provides consumers and businesses an in-depth and comprehensive examination of identity fraud in the United States. Its purpose is to help readers understand the causes and incidence rates of identity fraud and the success rates of methods used for its prevention, detection and resolution.

This report builds on the Javelin 2006 Identity Fraud Survey Report, 2005 Identity Fraud Survey Report and the Federal Trade Commission’s 2003 Identity Theft Survey Report.

Survey Questionnaire The set of questions and underlying methodology used for this report were identical to or highly similar to the 2006, 2005 and 2003 surveys. This allows the ability to provide longitudinal trends on various subjects, such as incidence rates and detection methods.

In addition, to more deeply explore the significance of past responses, a discrete number of new questions were added. These probed the behaviors of consumers before and after personal in-formation was compromised and/or misused, in order to identify any correlations to the fraud operators’ behaviors and to discover potential opportunities for consumer education.

Some questions from the previous surveys were modified to improve the accuracy of our esti-mates. Questions used to measure the fraud amounts, consumer cost, and resolution hours previously provided ranges of responses. In the 2007 report, these questions were changed to collect exact amounts.

Survey Respondents In all, 5,006 consumers, representative of the US population, were interviewed via a standard-ized 41-question telephone survey to develop more accurate and actionable insight into this pervasive and costly crime.

The polling yielded interviews with 469 fraud victims. After weighting the responses to standard-ize to national demographics,2 the 2007 survey’s computed number of victims interviewed was 458. For comparison, the numbers of victims in previous years, before and after weighting, are provided below:

Figure 6 Numbers of Victims before Weighting by Year


2 Responses were adjusted to be nationally representative based on respondents’ age, gender, income level, and race/ethnicity as reported by US Census on 12/11/2006 accessed 12/11/2006

2003 2005 2006 2007

Number of victims before weighting 433 507 529 469 Number of victims after weighting 514 509 505 458



Survey Data Collection

Javelin employed the Discovery Research Group for this survey’s data collection. Discovery, one of the nation’s largest data collection providers, is recognized as a reputable data collection service firm with over 18 years of experience in the industry. Previous studies employed Syno-vate for all phases of data collection using Computer Assisted Telephone Interviewing (CATI) via Random-Digit-Dialing (RDD). Synovate has since changed their sampling method from RDD to a remunerated opt-in panel. In order to maintain consistency in methodology by continuing to sample respondents through RDD, for the 2006 study Javelin engaged the services of the Dis-covery Research Group.

The study was conducted using interviews administered by telephone with 5,006 US adults over age 18 and a sample that is representative of the US census demographics distribution. Data collection began September 29, 2006 and ended November 7, 2006.

Margin of Error For questions answered by all 5,006 respondents, the maximum margin of sampling error is +/- 1.4% at the 95% confidence level.

For questions answered by all 458 identity fraud victims, the maximum margin of sampling error is +/- 4.6% at the 95% confidence level.

For questions answered by a proportion of all identity fraud victims, the maximum margin of sampling error varies and is greater than +/- 4.6% at the 95% confidence level.

Categorizing Fraud With one exception, this report continues to classify fraud within the three categories originally defined by the FTC. Starting in 2006, debit card fraud was re-categorized as Existing Card Ac-counts fraud,3 instead of Existing Non-Card Accounts fraud.4 Javelin believes that this change reflected a more accurate representation of debit card fraud, since much of its means of com-promise, its fraudulent use and detection methods parallel those of credit cards.

The categories of fraud are listed below from least to most serious:

Existing Card Accounts: This category includes both the account numbers and/or the actual cards for existing credit and card-linked debit accounts.

Existing Non-Card Accounts: This category includes existing checking and savings accounts, and existing loans, insurance, telephone, and utilities accounts

New Accounts and Other Frauds: This category includes new accounts or loans for committing theft, fraud, or other crimes using the victim's personal information

3 Formerly titled “Existing Credit Card Accounts” in the 2003 and 2005 reports

4 Formerly titled “Existing Non-Credit Card Accounts” in the 2003 and 2005 reports



Many victims experience identity fraud within more than one of these categories. In reporting the overall incidence rates of the three categories or types of accounts, the victims of crimes to more than one type of account are categorized based on the most serious (as designated by the FTC) problem reported. Thus, victims who reported that new accounts had been opened using their information and also that their existing credit cards had been misused would be placed in the New Accounts and Other Frauds classification, not in the Existing Card Accounts classifica-tion. This categorization is applicable only for reporting the rates of the three types of fraud.

Calculations Comparing Annual Numbers To create a more accurate understanding of the costs of identity fraud Javelin has departed from using ranged brackets (e.g., $0 to $50) to measure the fraud amount, consumer cost, and hours spent resolving fraud. This change in methodology leads to a lower estimate of the aver-age fraud amount.

By converting the data collected into the previous year’s methodology, Javelin has found that the means derived from the former, bracketed methodology overstate the average losses by over 20%. The graph below shows that for each of the ranges, the mean generated using the bracketed, 2006 methodology consistently inflated the mean compared to the current methodol-ogy. By adopting this change, Javelin has created a more accurate picture of the impact of iden-tity fraud in the US.

Figure 7 Mean Dollar Value of Misappropriated Funds

Comparing 2007 and 2006 Methodologies

$22

$227

$50 $3

00 $6

,690

$1,9

75

$649

$14,

006

$60,

649

$33,

080

$17,

500

$37,

500

$75,

000

$7,5

00

$750

$3,0

00

$-

$10,000

$20,000

$30,000

$40,000

$50,000

$60,000

$70,000

$80,000

Less than$100

$100 - $499 $500 - $999 $1,000 -$4,999

$5,000 -$9,999

$10,000 -$24,999

$25,000 - $49,999

$50,000 - $99,999

Bracket Ranges

Mea

n Va

lue

2007 Methodology 2006 'Bracketed' Methodology

Q30. What is the approximate total dollar value of what the person obtained while misusing your information?





To allow for comparisons to previous years, it is necessary to re-bracket the actual amounts and this is what has been done. In the future, access to these actual (versus bracketed) numbers will allow for comparisons of like figures using the more accurate actual numbers.

Due to rounding errors, the percentages on graphs add up to 100% plus or minus one percent.

The percentage change of 12% from 2006 to 2007 was calculated using the underlying actual dollar figures after adjusting for inflation and data smoothing (i.e., $55.72 billion for 2005, $49.26 billion for 2006).

To assure consistency in comparing year-to-year changes, historical figures were adjusted for inflation by using the Consumer Price Index (CPI). 2006 survey numbers were adjusted by 2.1%, 2005 survey numbers were adjusted by 5.4% and 2003 numbers were adjusted by 8.9% to normalize the value of currency. 5

Data Smoothing Techniques 2006 and 2007 total dollar cost estimates have been smoothed using a moving three-year aver-aging method. Time series data smoothing techniques are used to eliminate “noise” created by random data fluctuations and uncover real trends.

Figure 8 Three-Year Averaging of Fraud Amounts

© 2007 Javelin Strategy & Research Calculating Mean and Median Values

Where responses pertained to a range in value, e.g., “one day to less than one week,” to calcu-late the median or mean value, the midpoint of the range, rounded up to the nearest whole unit, was used.

Example: If the response selected for fraud amount was one day to less than one week, the assigned value the assigned value would be the median of 1 day and 7 days, inclusive or 4.5 days.

Deviation from FTC and 2003 Methodology and Reporting When reporting victims’ average financial damages or resolution times in dollars or hours, the entire amounts of damages or losses are placed into every type of fraud that the victims suf-

5 2003 survey dollar costs have been adjusted for inflation by 0.089 for the period beginning April 2003 and ending Oct. 2006, 2005 survey dollar costs by 0.054 for the period beginning Nov. 2004 and ending Oct. 2006, and 2006 survey dollar costs by 0.021 for the period beginning Nov. 2005 and ending Oct. 2006 using the Consumer Price Index (CPI-U, Base 1982-84=100))issued by the Bu-reau of Labor Statistics, ftp://ftp.bls.gov/pub/special.requests/cpi/cpiai.txt Accessed 10/26/2006.

2003 2005 2006 2007

Original Amount $53.8 $55.5 $57.8 $34.5

Three-year moving average N/A N/A $55.7 $49.3



fered. For example, for a victim who reports that a total of $100 is obtained for both New Ac-counts & Other Frauds category and Existing Card Accounts, the $100 is counted in both cate-gories. This method of reporting costs by types of fraud will not change the overall total costs of fraud across all three categories, but the average amount of dollars or time associated within the three types of fraud should not be summed as there will be overlapping amounts.

In the 2003 report, responses to the New Accounts and Other Frauds question (Q9) were modi-fied based on respondents’ subsequent answers to question 14. 2007’s question 14 is slightly modified from 2003’s, thus avoiding the possibility of needing to adjust responses to question 15 in order to maintain the longitudinal integrity. 2007’s responses to question 9 are reported as they were reported by the victims.

Secondly, 2007’s detection time question (Q19) is categorized differently from the 2003 study. While the 2003 study provided 13 answers from which victims could choose, the 2006 study contained only 9 such responses. Javelin merged similar response categories that contained few replies in 2003 into single categories, allowing the data to be cross tabbed with larger num-bers and fewer categories for a more robust calculation.

On several other questions, longitudinal comparisons are performed with numbers that Javelin calculated using 2003 raw data instead of 2003 reported figures. This was done in order to avoid inserting rounding errors or methodology differences.

Contributing Organizations

The extensive survey was, in part, made possible by CheckFree Services Corporation, Visa USA, and Wells Fargo Bank. To preserve the project’s independence and objectivity, the spon-sors were not involved in the tabulation, analysis or reporting of final results.

Getting a Copy of the Full Report: If you are a business or industry professional looking for more detailed statistics, incidence rates and fraud figures from our 2007 Identity Fraud Survey please reference the full report titled:

2007 Identity Fraud Survey Report: Identity Fraud Is Dropping, Continued Vigilance Necessary

The full report consists of 66 pages with 40 graphs and tables and can be accessed for pur-chase on the research page of our Web site at www.javelinstrategy.com/research or by calling a sales associate at (925) 225-9100, ext. 26. This Consumer Version was intended for the sole purpose of consumer education and awareness. Javelin recommends purchasing the full report for a complete overview of the key findings, analysis, new trends, and overall benchmarking of identity fraud in the United States.

2007 Identity Fraud Survey Report— Consumer Version

Documents

Transcript of 2007 Identity Fraud Survey Report— Consumer Version