The Irish Times recently wrote about Prawo Jazdy; Ireland’s worst driver, who has amassed dozens of speeding fines and parking tickets, managing to evade the law without any convictions.

On closer inspection, and using data from the police’s Garda Pulse system, Prawo Jazdy was found to have 50 separate entries, all at different addresses.

Prawo Jazdy is actually the Polish word for “Driving License”.

Although a funny story, and one that has quickly spread across the web, it raises serious issues about the use of global identity documents when verifying an identity.

If police in Ireland did not know the layout of a driving license, and recorded the wrong name, will your staff know any different?

Companies that ask for document ID at the point of account opening need to have the confidence to know that their staff are able to accurately verify a driving license, or passport, visa or other ID document. Documents are often asked for as proof of id where a financial or payment account is created; for example in online gambling, or for opening a savings account online.

If staff are not trained to know what to look for, they can often record the wrong details or accept a fraudulent, fake document.

This can also be a problem for agencies carrying out recruitment checks. Staff checks are required as proof of right to work in the UK, however often recruitment companies simply rely on their staff to know whether an id document is genuine or not.

192business provide solutions for ID document checks, whereby staff can enter the details of a passport or driving license, and receive an instant verification. Using an ID check system means that staff can have more confidence in their decisions and avoids putting unnecessary pressure on employees to make the right decision.

Find out more about Document Verification here.

APACs has today released the latest fraud statistics for 2008, showing that card losses have grown to a total of £609.9million. This is an increase of 12% since 2007, and the main areas of fraud appear where card payments are not secured by chip and PIN; primarily cards being fraudulently used abroad and Card Not Present Fraud.

Card Not Present Fraud losses have increased by 13 per cent over the last year and account for 54 per cent of all card fraud losses. This puts the figure lost due to CNP fraud at £328.4m for 2008. APACs are keen to point out that whilst CNP fraud has risen 243% in the period 2001-2008, online payments have risen 524% as more retailers accept distance payments, and consumers increasingly turn to internet shopping.

Account Takeover or Facility Takeover and other identity thefts have also contributed to the rise in fraud. Account takeover is said to be increasingly popular as fraudsters are finding it more difficult to obtain new credit because of the current economic climate. Card identity theft now stands at £47.4million, having seen an increase of 39% since 2007. Figures released earlier in the year by CIFAS put the rise in facility takeover fraud at 207%.

Online banking is another area which has suffered increasing losses since 2007; up 132% to reach a loss of £52.5million in 2008. Although phishing attacks grab most of the media attention, much of the loss is said to be as a result of malware such as key loggers. Consumers are reminded that malware attacks can be prevented by ensuring PCs have firewall protection and anti-virus software is installed and kept up to date.

‘Friendly fraud’ or ‘third party fraud’, where customers claim that goods have not been received, remained constant between 2007 and  2008. However losses because of this type of fraud still stand at £10.2 million and retailers who suffer from this are urged to consider joining a fraud data sharing scheme or fraud forum.

The APACS figures have been released to co-incide with the launch of the National Fraud Strategic Authority’s National Fraud Strategy, which APACs has welcomed.

Related Articles:

A full version of the latest fraud figures from APACs can be found at: http://www.apacs.org.uk/09_03_19.htm

NFSA’s announce fraud prevention strategy

Online Payments reach record levels

The NFSA has today released the first National Fraud Strategy, which aims to strengthen response to fraud and provide protection and support to both consumers and businesses affected.

The strategy has been launched at a time when fraud is high on the press agenda, partly due to the Madoff enquiry into Ponzi fraud as well as a number of other high profile cases, mostly in the finance sector.

Launched by the Attorney General, Baroness Scotland QC, the strategy has four key areas of priority:

Improving the building and sharing of knowledge about fraud, by the City of London Police (CoLP) establishing a new National Fraud Reporting Centre and National Fraud Intelligence Bureau

Tackling the most serious and harmful fraud threats, such as identity and mass marketing fraud

Disrupting and punishing more fraudsters while improving support to their victims, by working with the Association of Chief Police Officers (ACPO) and Victim Support, and introducing plea negotiations and extending Crown Courts’ powers in fraud cases

Improving the nation’s long-term capability to prevent fraud, by better co-ordinating fraud public awareness activity and building strong, supportive partnerships among the counter-fraud community.

Baroness Scotland QC has also explained how the strategy will help encourage a ‘joined-up’ approach to fraud prevention, detection and prosecution: “The National Fraud Strategic Authority will co-ordinate activity, remove gaps and overlaps, and maximise opportunities to ensure all counter-fraud activities can deliver the greatest possible results. We are working to provide real help now to people and businesses to make it tougher to defraud them.”

Related Articles

A PDF Summary of the NFSA strategy is available here.

More information on the strategy can be found at: http://www.attorneygeneral.gov.uk/

The NFSA has also produced a guide for consumers, which is available here, and can be distributed freely to your customers and contacts.

As a vehement campaigner for child safety on the internet, and MP for Luton South, Margaret Moran agreed to address 192business’ Prove ID seminar for retailers of age restricted goods.

Her speech included a background to her campaigning as well as her rationale behind the Online Purchasing (Age Verification) Bill. It also drew attention to self declaration for age verification:

 “The public is increasingly concerned about the availability of knives and alcohol to under-age youngsters, yet there are most often no age-checks online. Currently many online retailers simply ask customers to confirm their age by ticking a box and take no other measures to verify whether the person meets the age criteria.

This is a loophole that I felt urgently needed to be addressed.”

A full transcript of Margaret Moran's speech can be found below:

Age Sensitive Seminar, 11th March

Child Protection campaigning

I have campaigned long and hard on online child protection.

In 2005 My Ten Minute Bill on Child Pornography looked to require every internet service provider to declare in its company's annual reports and on its corporate website whether it is actively pursuing measures intended to prevent its customers from obtaining access to known child pornography websites.

But I also recognize the immense power of the web as a source of education, skills and plain fun for youngsters, and as a tool for communication between young people and politicians like me. In November 2007 I did an online exercise called “Kidspeak”, which gave children and young people who had suffered because of domestic violence the opportunity to talk about their experiences in a safe environment.

We must not frighten people off technology, which has huge potential for good in so many ways, but we must help people to guide young users, and prevent abusers from taking advantage of the openness and freedom of the internet.

The public is increasingly concerned about the availability of knives and alcohol to under-age youngsters, yet there are most often no age-checks online. Currently many online retailers simply ask customers to confirm their age by ticking a box and take no other measures to verify whether the person meets the age criteria.

This is a loophole that I felt urgently needed to be addressed.

The rationale behind the Online Purchasing (Age Verification) Bill

In January 2008 I put forward a Ten Minute Rule Bill on “Online Purchasing of Goods and Services (Age Verification)”, which was was given a first reading in the Commons in January.

It was supported by Sally Keeble, Kali Mountford, Judy Mallaber, Barbara Keeley, Fiona Mactaggart, Ian Stewart, Martin Salter, Lynda Waltho and Linda Gilroy.

The Bill would require online retailers and those who facilitate the sale of goods and services online to abide by the laws of the land in respect of age-restrictions.

Private Members' Bills rarely become law and are often used primarily to raise awareness of an issue. In the case of this Bill the hope is that the Government will pick up the issue, either for further Executive action or, if any strengthening of the law is needed, to incorporate it into a Government Bill.

The Bill is intended to encourage the online retail industry to take positive steps to ensure age compliance and to close the loophole which is allowing youngsters to buy age-restricted goods over the internet which they could never get from a shop on the High Street.

I am not someone who believes in legislation for legislation’s sake. Without awareness and education, regulation is not enough to tackle some of the big problems we face today with increasing connectivity, particularly in regards to protecting our children.

Before the internet, retailers had a comparatively easy job when it came to the sale of alcohol, tobacco, gambling, solvents and so on. If there was any doubt about a person's age, they could ask for identification and, if necessary, decline to sell. The consequences of getting it wrong could be dire. A bookie or a landlord could be fined, lose their licence or worse; a cinema or nightclub could be closed down.

Now gambling, alcohol and of course pornography can now be obtained online. Yet there are still most often no checks online, and children can very easily bypass the age-restrictions that exist in the offline world by jumping onto a computer.

Sadly, self-regulation is not working. It is clear that very few online retailers have procedures or software in place to prevent the sale of age-restricted goods to children.

Banks routinely provide legal minors, in some cases children as young as 11, with Solo or Visa Electron cards that can be used to make payments on the internet and are widely accepted on every kind of website.

There are also pre-paid, or stored value cards, available which can be bought as gifts and given to people of any age, or even bought over the counter for cash. Such cards can allow children to get to places on the internet or buy goods and services online that they would never be able to access in real life.

Unlike the British high street, where proving your age is mandatory when buying alcohol or pornography, there are currently no laws forcing British online retailers to secure proof that customers are over 18.

Many online retailers simply ask customers to confirm their age by ticking a box and take no other measures to verify whether the person meets the age criteria. This is clearly inadequate.

The exception to that rule is online gambling, where companies are required to have proof of someone's age before allowing them to bet.

In the case of age restrictions on gambling, it took further action to push gambling sites into complying. However the gambling industry only had a single age restriction to take into account, but there are more complicated age restrictions in other industries. One of the ways that the age restrictions for gambling was a success was that the Advertising Standards Authority ensured that no British advertising company will accept a contract for a gambling site that doesn’t comply with the age verification conditions. Even if that website is international, the advertising agency has to ascertain if that company fits with the criteria – if it does not they will refuse to advertise that site.

Nobody compels anyone to sell age-restricted goods or services over the internet; they choose to do so. Therefore, unless companies can be sure they are selling goods legally, they should stop selling them online altogether.

There are technological solutions to age verification, and companies are providing online age and ID check solutions in order to screen minors.

We need to encourage the responsible retailers to set the goal posts high so that others working online emulate good practices not bad.

Self-regulation

Self-regulation is a bargain. It is a bargain between, on the one hand, politicians and Governments, to stay out of an area of public concern, in return for, on the other, good faith efforts being made by industry to deal with the causes of those concerns. That is a great idea. The problem with it is that industry is not a cohesive single group that always acts in a co-ordinated and disciplined way. In fact if it was like that we might start worrying instead about cartels and restrictive practices or abuse of monopoly power or oligarchical powers.

Take social networking as a clear example. I doubt there is an MP in Westminster who has not had at least one complaint made to them, probably like me they will have had many more, about YouTube`s persistent and wilful strategy to avoid taking responsibility for what happens on its site. They do not police their site looking for bad material - material which breaches their terms and conditions - yet other social networking sites do. MySpace does. If MySpace can, and does, then why doesn`t YouTube?

We cannot have two internet industries: one composed of good guys, one made up of people who clearly don`t give a damn. Governments and politicians exist to protect the public interest - to protect those who are powerless to influence big, rich corporations like Google. Politicians and Governments around the world are, like me, beginning to feel much more confident about intervening in these debates.

We are no longer willing to opt out, to say "Its all too difficult, it’s all so global and so technical, I am powerless." Well we’re not powerless. In the end, in a democracy, the people will have their way. The people will find a way. We elect Governments to deal with powerful vested interests, not collapse in front of them and give them a free hand to do whatever they feel like. Societies do not exist simply to allow companies to develop and market new products. The sooner some executives in the high tech industries realise that, the better it will be for all concerned.

What is happening now?

The Age Verification Bill was introduced in the House of Lords by Baroness Doreen Massey in January.

We are currently waiting for a date for the 2nd Reading. The key difference between the Commons and the Lords, however, is that if the Bill is given a 2nd Reading then there will be a full debate and the Government will have to come to the Despatch Box and reply.  No one expects the Government to say that they are opposed to the Bill.

The Bill is exactly the same as the one I proposed, meaning that it delegates powers to the Secretary of State to make regulations. In this way it is closely following the path taken when dealing with online gambling.

It is clear that there is wide ranging support for the Bill. I put together a summit at the Houses of Parliament in December which brought together fellow parliamentarians, retailers, representatives of trading standards, home office officials, passport services, children’s charities and trade associations, each determined to make the internet safe and a force for good practice.

The participants raised some important points.

One of the comments in the public meeting was that online retailers may be reluctant to take the first step as there is a perception that it may harm business by putting up barriers to the consumer. Only in a level playing field might it make sense. This is where government can step in, by creating a level playing field for business where everyone is asked to take adequate steps

I don’t believe that online retailers want to go out of their way to sell restricted goods to underage consumers.

The Trading Standards Officer for Greenwich Council, Maureen O’Mara, spoke at the meeting.

I’m pleased to say that Trading Standards Officers from around the country are beginning to get very active in this field, particularly in relation to the sale of knives.

So I welcome events like these that encourage debate of this important issue and brings together retailers with solution providers and public officials. This way we can ensure a proper and lasting solution to this that everyone is pleased with and that provides the protection that is needed.”

A BBC investigation has proved how easy it is to buy and use botnets. A botnet is an automatic term for a collection of software robots (bots), that run autonomously and automatically. They can be used to send out spam messages, carry out Denial of Service (DoS) attacks and store stolen data including credit card details.

The BBC’s Click programme carried out an investigation using a ‘low skill’ bot which sent out a spam mail to two test email addresses. Within hours the inboxes started to fill up with thousands of spam messages and it is estimated that the investigation ended with 22,000 infected computers.

Greg Day from security firm McAfee explained the value of botnets for committing credit card fraud: “Computers from the US and the UK go for about $350 to $400 (£254-£290) for 1,000 because they've got much more financial details, like online banking passwords and credit cards details"

The video below is an excerpt from the full report, and shows how quickly a botnet can begin work. The full programme will be broadcast on Saturday 14 March at 11.30am on the BBC News Channel.