Trust in God; but lock your car!

Prashanth Kumar, Director, Digital Strategies, Wunderman
If you happily go about distributing personal information on the internet, you could be setting yourself up for identity theft! -- Prashanth Kumar

When India’s poster-boy for IT entrepreneurship – Nandan Nilekani – quit his position as co-chairman and board member of Infosys Technologies to take over as chairman of Unique Identification Authority of India (UIAI) it sent shockwaves throughout corporate India. While one section lauded the move and sighed in relief about how the ambitious project of providing every Indian with a unique identity number would finally see the light of day, other sections were frankly surprised at his decision. Of course, Nilekani hinted at something similar in his successful book ‘Imagining India’ but few believed that he could actually walk the talk and become a part of the system. All things considered, it is a laudable decision.

However, a smaller section of people (myself included) were also a tad wary. Wary about how such a scheme could change the dynamics of our individual security. Allow me to explain. UIAI is not a new initiative. Several previous attempts to provide over a billion Indians with unique Ids on the lines of the US Social Security Number have failed miserably. The no-longer-acknowledged Voter Identity Card was one such prominent failure. Nobody undermines the spectacularly ambitious nature of the project. To millions of Indians currently groaning under the weight of multiple proofs of identity, the unique identity will be a godsend.

It will also be a godsend for another fringe section of society – scamsters! Now, all they require is a single identity card and your entire life is theirs to mine for all it is worth. And mining they are – with gay abandon. According to a report by the Internet Crimes Complaint Centre, internet rip-offs increased to 33 per cent last year, causing a loss of $265 million to the victims. India comes fifth in the list of countries where these crimes were reported. Mind you, the statistics only account for reported crimes – there are still so many which are not reported.

Identity theft is not new. It has been around as long as identities themselves have been. But considering the social media powered society we currently live in, the implications, and risks, are enormous. Take a simple scenario. You have an email Id that you have been using for some length of time. Maybe this is your primary Id. This is the Id you use to log-in and access a wide variety of social networking sites. Profiles you link to can view this Id when they peruse your information. Your Picasa or Flickr albums are probably tagged with the Id. So, anyone looking for information about you already has your personal Id, a good idea of what you look like and maybe even photos of your friends and family. If your blog is linked (as it probably is) they know even more about the kind of person you are, your likes, dislikes, raves and rants. And, if you are foolish enough to gleefully distribute snippets of personal information across social networking sites, they probably even have your mother’s maiden name and other relevant details. From there, it is a simple step to acquire (illegally of course) credit card numbers from any of the hundreds of touts peddling it on the net, run a quick query to match your details with your account number and start making the most of your line of credit. Not a difficult thing at all! And at times, the social networking sites themselves go the extra mile to expose you to identity theft!

So far only thing making such access difficult – a sort of an in-built safety mechanism – is that we Indians have had a plethora of numbers criss-crossing our lives. Our birth certificate number is different from our school leaving certificate; which in turn is different from our passport number which has no connection whatsoever with our PAN number. Bring them all under a common umbrella where these disparate databases start communicating with each other and you have an efficient, organized system of linking various aspects of your life. By the same logic, identity thieves have a lot of work reduced in their quest for your information. Information that could prove valuable to them and could result in real losses to you. And for those of you, who conveniently presumed that this was a purely developed-world phenomenon, think again. Indian instances of identity theft, especially credit card fraud, are only increasing.

Not all cases of identity theft are linked to money. But there are a few things which can prove to be more expensive and can cause quite a bit of a headache. Imagine, if your email Id were hacked and you no longer had access to it? All those personal mails from friends and family being read through by some online stranger? Even your bank statements are in there right? Of your bank account? Your PayPal Id? Any of the scores of accounts you have with online e-tailers like shopping sites or Amazon? Think of the time and effort it would take to sift through all the information, stop/initiate credit cards and debit accounts and the hours wasted in changing/editing login and password details. The very thought is enough to make one paranoid about going online at all! The objection of all this information is not to induce you to stay away from the online world. Rather, it is an exhortation, in the immortal words of Intel’s former CEO Andy Grove, that only the paranoid survive!

Anyway, to come back to Nandan Nilekani, looks like our Minister for Unique Ids has himself been a victim of identity theft. The Twitter account Twitter.com/NandanNilekani was neither created nor maintained by the real Nandan Nilekani. The account is currently suspended, but makes you wonder that if this can happen to one of the most famous personalities of Indian business, what is the fate of common Joe’s like you and me? On the other hand, maybe we are totally safe! After all, who in their right mind is going to take the time or effort to steal the identity of a non-entity, right?