The Real Identity Blog

My wife, a brilliant numbers person, spent many years in the classroom as a teacher, until I finally convinced her to forgo the incredible pay and astounding benefits in exchange for life as a highly-in-demand math tutor. As a tutor, she typically gets two kinds of kids: the ones who can use a little (or a lot of) help, and the ones who are already killing it but have parents that want them to kill it even harder.

How can we secure identities online? In a brief video interview with Yale Insights, Socure’s Co-Founder and Chief Strategy Officer Sunhil Madhu discusses the current state of affairs when it comes to data breaches and fraud (spoiler alert: it’s safe to assume everyone’s data has been stolen several times over); the ways in which current tokenization efforts are not enough; and how social networks and connections are the wave of the future (and the present) when it comes to verifying and securing identity.

In today’s digital world, identity verification is becoming increasingly important as the threat of identity fraud continues to grow. In 2017, there were more than 1,200 data breaches, with more than 2 billion separate identities stolen. Already in the first half of 2018, identity theft and synthetic identity attacks have more than doubled from Q4 of 2017.

Traditional identity verification uses static rules and linear models applied to credit bureau data, which is often stale and easily accessible to fraudsters because, if we’re being honest, your birthday, Social Security number, and mother’s maiden name have already most likely been leaked in some previous data breach. So with these kinds of numbers, it’s clear that companies must rethink how best to originate user accounts online and develop new approaches for verifying their users. 

Last year’s Equifax breach left upwards of 145 million people’s personal identity information (PII) in the hands of fraudsters.

Since 2005, more than 816 million individuals’ records were stolen in more than 4,500 reported breaches.

In 2018 alone, major companies like Whole Foods, Kmart, and Under Armour have already experienced breaches, exposing hundreds of millions of customers’ personal data.

Data breaches are so common now that it’s safe to assume that no one’s information is private and that we’ve all been hacked. As a result, it’s on us to think carefully about how fraudsters are actually using the PII they steal. And in order to best protect businesses and consumers, it’s on us to reconsider the traditional approaches to identity verification —which clearly aren’t working.