DOCSLIB.ORG

Top Trends Shaping Identity Verification (IDV) in 2018

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Top Trends Shaping Identity Verification (IDV) in 2018 NOT LICENSED FOR DISTRIBUTION Top Trends Shaping Identity Verification (IDV) In 2018 Post-Equifax Breach, IDV Aggregators Will Cater To Multifaceted IDV Requirements by Andras Cser and Merritt Maxim March 29, 2018 Why Read This Report Key Takeaways In the face of increasing identity theft, stricter IDV Based On Credit Header Data Will Become compliance regulations, and the push for online Weaker — Get Ready To Fight Back customer acquisition, reliable, accurate, cost- After the 2017 Equifax breach, we entered a new effective, and easy-to-use identity verification era in which credit header data for IDV solutions (IDV) is becoming a core building block of any and knowledge-based authentication (KBA) customer or employee identity and access are inadequate for reliable identity verification. management (IAM) system. This document Firms will have to adopt new lower cost and less highlights the key trends shaping the IDV market intrusive IDV technologies, such as those based in 2018 and beyond and helps security and risk on device reputation or phone number. pros adapt their strategies, vendor selection, and Social And Behavioral IDV Will Lower Costs implementation. And Improve Accuracy Social IDV, based on comparing identity attributes to profiles on social media, and behavioral biometrics, verifying identities based on how a user moves the mouse or touches the screen, will lower the cost and improve the accuracy of day- to-day IDV across all verticals. FORRESTER.COM FOR SECURITY & RISK PROFESSIONALS Top Trends Shaping Identity Verification (IDV) In 2018 Post-Equifax Breach, IDV Aggregators Will Cater To Multifaceted IDV Requirements by Andras Cser and Merritt Maxim with Stephanie Balaouras, Madeline Cyr, and Peggy Dostie March 29, 2018 Table Of Contents Related Research Documents 2 Without Reliable IDV, Trust Erodes And The Forrester Wave™: Customer Identity and Everyone Suffers Access Management, Q2 2017 2 Evolving Your IDV Strategy In 2018 Now Tech: Identity Verification, Q1 2018 10 Supplemental Material The Strategic Role Of Identity Resolution Vendor Landscape: Identity Verification Solutions Share reports with colleagues. Enhance your membership with Research Share. Forrester Research, Inc., 60 Acorn Park Drive, Cambridge, MA 02140 USA +1 617-613-6000 | Fax: +1 617-613-5000 | forrester.com © 2018 Forrester Research, Inc. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, TechRadar, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. Unauthorized copying or distributing is a violation of copyright law. [email protected] or +1 866-367-7378 FOR SECURITY & RISK PROFESSIONALS March 29, 2018 Top Trends Shaping Identity Verification (IDV) In 2018 Post-Equifax Breach, IDV Aggregators Will Cater To Multifaceted IDV Requirements Without Reliable IDV, Trust Erodes And Everyone Suffers In 2015, cybercriminals gained access to the tax returns of approximately 104,000 individuals via the US Internal Revenue Service’s Get Transcript application.1 With in-depth knowledge of compromised consumer identities, the attackers created Get Transcript accounts for various taxpayers and successfully completed the identity verification process. This breach shined a spotlight on the importance of IDV and the consequences of poor IDV. Subsequent IDV failures, which have facilitated terrorist attacks, cybercrime, and terrorism, have served to further undermine trust in traditional methods while the global movement of goods, services, labor, and people have also shown these methods to be ineffective and unreliable for today’s businesses.2 S&R pros will need to evolve their IDV strategies sooner rather than later because: › The Equifax breach has accelerated the erosion of trust. With the recent Equifax breach, it’s safe to assume that fraudsters can gain easy access to a US-based victim’s actual name, address, date of birth (DOB), and Social Security number, thereby creating a “perfect identity” to steal.3 As a result, people are worried that their personally identifiable information (PII) is publicly available and are now more reluctant to provide it for IDV purposes. The loss of trust is actually bidirectional: 1) Firms trust their customers less when customers sign up for digital services, and 2) customers trust their service providers and vendors less with safeguarding their PII. › Tougher compliance laws will strive to regain some of it. Compliance mandates are getting more numerous and complex: Firms find it increasingly difficult to comply with PSD2, GDPR, 5AMLD, and other regulations without additional IDV investment. IDV is important for these compliance mandates because financial services institutions prefer to keep money launderers and fraudsters outside of their gates. Privacy and regulatory requirements also mandate disclosing the PII attributes a financial services institution maintains on a consumer — but have to authenticate the consumer before disclosing the information. Evolving Your IDV Strategy In 2018 It’s time to overhaul your existing, less secure, and less reliable IDV processes. To do so, you’ll have to take into account and adapt to ongoing trends and shifts in technology, architectures, and the vendor landscape. Trend 1: IDV Consolidates Into A Hub-And-Mesh Ecosystem Today’s organizations typically use one or only a handful of IDV methods to verify their potential and existing customers — with the most trusted IDV methods being email address, name, phone number, address, and ZIP code (see Figure 1). As fraudsters get smarter and gain access to more identity information, this reduces the effectiveness of only one IDV method. © 2018 Forrester Research, Inc. Unauthorized copying or distributing is a violation of copyright law. 2 [email protected] or +1 866-367-7378 FOR SECURITY & RISK PROFESSIONALS March 29, 2018 Top Trends Shaping Identity Verification (IDV) In 2018 Post-Equifax Breach, IDV Aggregators Will Cater To Multifaceted IDV Requirements › What you need to know. Forrester’s interviewees indicate that no single source of information is sufficient to establish a 360-degree view of any given customer. However, connecting the dots between the offline and online data available on a customer and using behavioral modeling to discover normal behavior and proactively intercept abnormal behavior of people and entities gives rise to a new delivery method of IDV service, called the IDV hub (see Figure 2). All vendors — while they maintain their core flavor of IDV — are moving toward providing, buying, and reselling data for their own and into each other’s hubs. › What you should do about it. Inventory and then revise your existing IDV portfolio and find out if you have all your bases covered. After it failed to detect money laundering early enough, a North American bank expanded its existing IDV services based on credit header data to include Experian’s IDV services based on device ID reputation — resulting in a 15% higher identity theft detection rate. Further, Forrester expects consolidation in the market, and, to some degree, all specialist vendors will either: 1) offer IDV hub services or 2) be acquired by IDV hub vendors (see ThreatMetrix’s acquisition by RELX in January 2018).4 FIGURE 1 Most Trusted IDV Methods “Which of the following data does your organization collect for identity verification (IDV)?” Email address 60% Name 54% Phone number 49% Address 43% ZIP code 41% Connecting phone and online 32% systems within the organization Social Security number 31% Device ngerprint or 30% device reputation Base: 1,097 network security decision makers (20+ employees) Source: Forrester Data Global Business Technographics® Security Survey 2017 © 2018 Forrester Research, Inc. Unauthorized copying or distributing is a violation of copyright law. 3 [email protected] or +1 866-367-7378 FOR SECURITY & RISK PROFESSIONALS March 29, 2018 Top Trends Shaping Identity Verification (IDV) In 2018 Post-Equifax Breach, IDV Aggregators Will Cater To Multifaceted IDV Requirements FIGURE 2 The Emerging IDV Hub Ecosystem Credit headers Blockchain Device IDs transaction-based Identity Behavioral verification Email and biometrics hub age of customer (aggregator) Social media/ Physical document/ self-asserted facial recognition MNO information Trend 2: Banks Will Continue To Rely On IDV Based On Credit Header Data In spite of the Equifax breach and its fallout, the entire US financial institution (FI) community still relies on the credit header-based IDV system. And since two-thirds of the US economy is based on consumer spending, it’s highly unlikely that we will see any major change in the current stance and policy of how customers can use their PII and credit information to apply for more credit. › What you need to know. While we’d like to see a quick move away from credit header-based services (traditionally the bread and butter business of the credit bureaus Equifax, Experian, IDology, LexisNexis Risk Solutions, and TransUnion and their data resellers and OEM partners), these data sources are here to stay for the next three to five years. In fact, many players in the IDV ecosystem (e.g., ID Analytics, Neustar, etc.) will likely seek to OEM this data to embed it in their services. Beyond five years, as other IDV methods not based on credit header evolve, Forrester expects this method to decline. › What you should do about it. If your firm uses these services for initial customer onboarding,
Load more

Recommended publications
  • HSBC Became Aware of Online Accounts Being Accessed by Unauthorized Users Between October 4, 2018 and October 14, 2018
    <<Field_36>> <<Field_37>> <<Field_38>> <<Field_39>>, <<Field_40>> <<Field_41>><<Field_42>> <<First Name>> << Middle Name>> <<Last Name>> Date: November 2, 2018 <<Address 1>> <<Address 2>> <<Address 3>> <<City>>, <<State>> <<Zip>><<4 Digit Zip>> Notice of Data Breach What Happened? HSBC became aware of online accounts being accessed by unauthorized users between October 4, 2018 and October 14, 2018. When HSBC discovered your online account was impacted, we suspended online access to prevent further unauthorized entry of your account. You may have received a call or email from us so we could help you change your online banking credentials and access your account. If you need help accessing your account, please call <<Field_47>>. We apologize for this inconvenience. HSBC takes this very seriously and the security of your information is very important to us. What Information The information that may have been accessed includes your full name, mailing Was Involved? address, phone number, email address, date of birth, account numbers, account types, account balances, transaction history, payee account information, and statement history where available. What We Are We have enhanced our authentication process for HSBC Personal Internet Doing. Banking, adding an extra layer of security. Out of an abundance of caution and at our expense, HSBC is offering you a complimentary <<Field_43>>-year subscription to Identity Guard®, a credit monitoring and identity theft protection service. Identity Guard not only provides essential monitoring and protection of credit data, but also alerts you to certain activities that could indicate potential identity theft. This program is provided by Intersections Inc. (NASDAQ: INTX), a leading provider of consumer and corporate identity risk management services.
    [Show full text]
  • Parker Review
    Ethnic Diversity Enriching Business Leadership An update report from The Parker Review Sir John Parker The Parker Review Committee 5 February 2020 Principal Sponsor Members of the Steering Committee Chair: Sir John Parker GBE, FREng Co-Chair: David Tyler Contents Members: Dr Doyin Atewologun Sanjay Bhandari Helen Mahy CBE Foreword by Sir John Parker 2 Sir Kenneth Olisa OBE Foreword by the Secretary of State 6 Trevor Phillips OBE Message from EY 8 Tom Shropshire Vision and Mission Statement 10 Yvonne Thompson CBE Professor Susan Vinnicombe CBE Current Profile of FTSE 350 Boards 14 Matthew Percival FRC/Cranfield Research on Ethnic Diversity Reporting 36 Arun Batra OBE Parker Review Recommendations 58 Bilal Raja Kirstie Wright Company Success Stories 62 Closing Word from Sir Jon Thompson 65 Observers Biographies 66 Sanu de Lima, Itiola Durojaiye, Katie Leinweber Appendix — The Directors’ Resource Toolkit 72 Department for Business, Energy & Industrial Strategy Thanks to our contributors during the year and to this report Oliver Cover Alex Diggins Neil Golborne Orla Pettigrew Sonam Patel Zaheer Ahmad MBE Rachel Sadka Simon Feeke Key advisors and contributors to this report: Simon Manterfield Dr Manjari Prashar Dr Fatima Tresh Latika Shah ® At the heart of our success lies the performance 2. Recognising the changes and growing talent of our many great companies, many of them listed pool of ethnically diverse candidates in our in the FTSE 100 and FTSE 250. There is no doubt home and overseas markets which will influence that one reason we have been able to punch recruitment patterns for years to come above our weight as a medium-sized country is the talent and inventiveness of our business leaders Whilst we have made great strides in bringing and our skilled people.
    [Show full text]
  • Licensed By: TABLE of CONTENTS
    Licensed by: TABLE OF CONTENTS Overview ........................................................................................................................................................................................ 4 Executive Summary ........................................................................................................................................................................ 5 Recommendations .......................................................................................................................................................................... 7 Toward a New Model of Identity Proofing ..................................................................................................................................... 8 Designing a Robust ID Proofing Workflow ................................................................................................................................... 12 Introducing Javelin’s FIT Model .................................................................................................................................................... 13 Overall ........................................................................................................................................................................................... 13 Functional ..................................................................................................................................................................................... 14 Innovative ....................................................................................................................................................................................
    [Show full text]
  • Wolters Kluwer Governance Roadshow
    Wolters Kluwer Governance Roadshow Selection & Remuneration Committee of the Supervisory Board of Wolters Kluwer September, 2020 Governance Roadshow, September 2020 1 Forward-looking statements This presentation contains forward-looking statements. These statements may be identified by words such as "expect", "should", "could", "shall", and similar expressions. Wolters Kluwer cautions that such forward-looking statements are qualified by certain risks and uncertainties that could cause actual results and events to differ materially from what is contemplated by the forward-looking statements. Factors which could cause actual results to differ from these forward-looking statements may include, without limitation, general economic conditions, conditions in the markets in which Wolters Kluwer is engaged, behavior of customers, suppliers and competitors, technological developments, the implementation and execution of new ICT systems or outsourcing, legal, tax, and regulatory rules affecting Wolters Kluwer's businesses, as well as risks related to mergers, acquisitions and divestments. In addition, financial risks, such as currency movements, interest rate fluctuations, liquidity and credit risks could influence future results. The foregoing list of factors should not be construed as exhaustive. Wolters Kluwer disclaims any intention or obligation to publicly update or revise any forward-looking statements, whether as a result of new information, future events or otherwise. Growth rates are cited in constant currencies unless otherwise noted.
    [Show full text]
  • Workers' Compensation Payer List (PDF)
    WORKERS' COMPENSATION / AUTO PAYER LIST 09/10/2021 All WORK * Provider must be contracted with Carisk Payer ID TX MN CA IL LA NJ NY OR WI NC NM OK TN VA States 837P 837I COMP AUTO 835 *Carisk Imaging to Allstate Insurance - Auto Only E1069 x x x x Rejects Only *Carisk Imaging to Geico (Auto Only) GEICO x x x x Rejects Only *Carisk Imaging to Nationwide (Auto Only) A0002 x x x x Rejects Only *Carisk Imaging to New York City Law Department NYCL001 x x x x Rejects Only *Carisk Imaging to NJ-PLIGA E3926 x x x x Rejects Only *Carisk Imaging to North Dakota WSI NDWSI x x x x *Carisk Imaging to NYSIF NYSIF1510 x x x x Rejects Only *Carisk Imaging to Progressive Insurance (Auto Only) E1139 x x x x Rejects Only *Carisk Imaging to Pure (Auto Only) PURE01 x x x x Rejects Only *Carisk Imaging to Safeco Insurance (Auto Only) E0602 x x x x Rejects Only *Carisk Imaging to SafeTPA, LLC (NY Only) SAFE01 x x x x Rejects Only *Carisk Imaging to Selective Insurance (Auto Only) E1077 x x x x Rejects Only *Carisk Imaging to USAA (Auto Only) A0001 x x x x Rejects Only 1st Auto & Casualty J1585 x x x x x 21st Century Insurance 41556 x x x x Rejects Only 22125 Roscoe Corp. 41556 x x x x Rejects Only AAA Minnesota/Iowa 11983 x x x x x AAA Northern California, Nevada & Utah Insurance Exchange 41556 x x x x Rejects Only ABC Const.
    [Show full text]
  • Annex 1: Parker Review Survey Results As at 2 November 2020
    Annex 1: Parker Review survey results as at 2 November 2020 The data included in this table is a representation of the survey results as at 2 November 2020, which were self-declared by the FTSE 100 companies. As at March 2021, a further seven FTSE 100 companies have appointed directors from a minority ethnic group, effective in the early months of this year. These companies have been identified through an * in the table below. 3 3 4 4 2 2 Company Company 1 1 (source: BoardEx) Met Not Met Did Not Submit Data Respond Not Did Met Not Met Did Not Submit Data Respond Not Did 1 Admiral Group PLC a 27 Hargreaves Lansdown PLC a 2 Anglo American PLC a 28 Hikma Pharmaceuticals PLC a 3 Antofagasta PLC a 29 HSBC Holdings PLC a InterContinental Hotels 30 a 4 AstraZeneca PLC a Group PLC 5 Avast PLC a 31 Intermediate Capital Group PLC a 6 Aveva PLC a 32 Intertek Group PLC a 7 B&M European Value Retail S.A. a 33 J Sainsbury PLC a 8 Barclays PLC a 34 Johnson Matthey PLC a 9 Barratt Developments PLC a 35 Kingfisher PLC a 10 Berkeley Group Holdings PLC a 36 Legal & General Group PLC a 11 BHP Group PLC a 37 Lloyds Banking Group PLC a 12 BP PLC a 38 Melrose Industries PLC a 13 British American Tobacco PLC a 39 Mondi PLC a 14 British Land Company PLC a 40 National Grid PLC a 15 BT Group PLC a 41 NatWest Group PLC a 16 Bunzl PLC a 42 Ocado Group PLC a 17 Burberry Group PLC a 43 Pearson PLC a 18 Coca-Cola HBC AG a 44 Pennon Group PLC a 19 Compass Group PLC a 45 Phoenix Group Holdings PLC a 20 Diageo PLC a 46 Polymetal International PLC a 21 Experian PLC a 47
    [Show full text]
  • Ftse4good UK 50
    2 FTSE Russell Publications 19 August 2021 FTSE4Good UK 50 Indicative Index Weight Data as at Closing on 30 June 2021 Index weight Index weight Index weight Constituent Country Constituent Country Constituent Country (%) (%) (%) 3i Group 0.81 UNITED GlaxoSmithKline 5.08 UNITED Rentokil Initial 0.67 UNITED KINGDOM KINGDOM KINGDOM Anglo American 2.56 UNITED Halma 0.74 UNITED Rio Tinto 4.68 UNITED KINGDOM KINGDOM KINGDOM Antofagasta 0.36 UNITED HSBC Hldgs 6.17 UNITED Royal Dutch Shell A 4.3 UNITED KINGDOM KINGDOM KINGDOM Associated British Foods 0.56 UNITED InterContinental Hotels Group 0.64 UNITED Royal Dutch Shell B 3.75 UNITED KINGDOM KINGDOM KINGDOM AstraZeneca 8.25 UNITED International Consolidated Airlines 0.47 UNITED Schroders 0.28 UNITED KINGDOM Group KINGDOM KINGDOM Aviva 1.15 UNITED Intertek Group 0.65 UNITED Segro 0.95 UNITED KINGDOM KINGDOM KINGDOM Barclays 2.1 UNITED Legal & General Group 1.1 UNITED Smith & Nephew 0.99 UNITED KINGDOM KINGDOM KINGDOM BHP Group Plc 3.2 UNITED Lloyds Banking Group 2.39 UNITED Smurfit Kappa Group 0.74 UNITED KINGDOM KINGDOM KINGDOM BT Group 1.23 UNITED London Stock Exchange Group 2.09 UNITED Spirax-Sarco Engineering 0.72 UNITED KINGDOM KINGDOM KINGDOM Burberry Group 0.6 UNITED Mondi 0.67 UNITED SSE 1.13 UNITED KINGDOM KINGDOM KINGDOM Coca-Cola HBC AG 0.37 UNITED National Grid 2.37 UNITED Standard Chartered 0.85 UNITED KINGDOM KINGDOM KINGDOM Compass Group 1.96 UNITED Natwest Group 0.77 UNITED Tesco 1.23 UNITED KINGDOM KINGDOM KINGDOM CRH 2.08 UNITED Next 0.72 UNITED Unilever 7.99 UNITED KINGDOM KINGDOM
    [Show full text]
  • Constituents & Weights
    2 FTSE Russell Publications 19 August 2021 FTSE 100 Indicative Index Weight Data as at Closing on 30 June 2021 Index weight Index weight Index weight Constituent Country Constituent Country Constituent Country (%) (%) (%) 3i Group 0.59 UNITED GlaxoSmithKline 3.7 UNITED RELX 1.88 UNITED KINGDOM KINGDOM KINGDOM Admiral Group 0.35 UNITED Glencore 1.97 UNITED Rentokil Initial 0.49 UNITED KINGDOM KINGDOM KINGDOM Anglo American 1.86 UNITED Halma 0.54 UNITED Rightmove 0.29 UNITED KINGDOM KINGDOM KINGDOM Antofagasta 0.26 UNITED Hargreaves Lansdown 0.32 UNITED Rio Tinto 3.41 UNITED KINGDOM KINGDOM KINGDOM Ashtead Group 1.26 UNITED Hikma Pharmaceuticals 0.22 UNITED Rolls-Royce Holdings 0.39 UNITED KINGDOM KINGDOM KINGDOM Associated British Foods 0.41 UNITED HSBC Hldgs 4.5 UNITED Royal Dutch Shell A 3.13 UNITED KINGDOM KINGDOM KINGDOM AstraZeneca 6.02 UNITED Imperial Brands 0.77 UNITED Royal Dutch Shell B 2.74 UNITED KINGDOM KINGDOM KINGDOM Auto Trader Group 0.32 UNITED Informa 0.4 UNITED Royal Mail 0.28 UNITED KINGDOM KINGDOM KINGDOM Avast 0.14 UNITED InterContinental Hotels Group 0.46 UNITED Sage Group 0.39 UNITED KINGDOM KINGDOM KINGDOM Aveva Group 0.23 UNITED Intermediate Capital Group 0.31 UNITED Sainsbury (J) 0.24 UNITED KINGDOM KINGDOM KINGDOM Aviva 0.84 UNITED International Consolidated Airlines 0.34 UNITED Schroders 0.21 UNITED KINGDOM Group KINGDOM KINGDOM B&M European Value Retail 0.27 UNITED Intertek Group 0.47 UNITED Scottish Mortgage Inv Tst 1 UNITED KINGDOM KINGDOM KINGDOM BAE Systems 0.89 UNITED ITV 0.25 UNITED Segro 0.69 UNITED KINGDOM
    [Show full text]
  • Copy of Draft Customer Privacy Policy July 2021 V3.0 CLEAN
    Privacy Policy Version number: 4.0 Date published: 27/09/2021 The Registered Office of Shell Energy Retail Limited is Shell Energy House, Westwood Business Park, Westwood Way, Coventry CV4 8HS, UK. Registered in England and Wales. Company number 05070887. 1 Privacy Policy Version number: 4.0 Policy date: 27/09/2021 Shell Energy is committed to ensuring the privacy and security of your personal data. This Privacy Policy explains what personal data are processed about you, why we are processing your personal data and for which purposes, how long we hold your personal data for, how to access and update your personal data, as well as the options you have regarding your personal data and where to go for further information. In this Privacy Policy, when we refer to "personal data", we mean information which could directly identify you (for example, your name or national insurance number) and information which could indirectly identify you, meaning that it could identify you when combined with other information which we hold about you (for example, your gender or date of birth). "Process" or "processing" means just about any conceivable use of personal data, including recording, storing, viewing or disclosing personal data. Shell Energy Retail Limited (company number 05070887) is the data controller of your personal data (referred to in this Policy as “Shell Energy” or “we”). If you have any questions about your personal data which are not answered by this Policy, please contact our Data Protection Officer: By post: Data Protection Officer Shell Energy, Shell Energy House, Westwood Business Park, Westwood Way Coventry, CV4 8HS.
    [Show full text]
  • 3855 Credit Profile Report Product Sheet
    Helping agencies Credit Profile Report make more informed decisions Leverage the power of data in decision making to increase the overall effectiveness and efficiency of your agency. From conducting background checks to determining eligibility for social services, the best decisions begin with the best information. Unparalleled insight on are maintained in Experian’s File OneSM 220 million individuals database. Your inquiry initiates a search of this database, which leverages Experian’s Credit Profile Report gives expert search and match capabilities to you the accurate, current and complete produce a consumer’s credit history. information you need to: • Investigate — Conduct background Complete — File One is the most checks and obtain information comprehensive consumer credit such as current and previous information available, with more than names and addresses, Social 60 million transactions updated daily Security numbers, date of birth and Accurate — Experian’s files are employment information updated 24-7 and provide high-integrity, • Assess and validate — current information Review financial status, including outstanding debt, to determine Easy to read — Our easy-to-read capacity to pay obligations such reports group similar data elements for as court restitution and child fast, simple analysis support arrears Flexible — Various display and delivery • Evaluate — Determine applicant formats are available eligibility for public assistance, subsidized programs, government Make better decisions and help your financing, loans and grants
    [Show full text]
  • Bakerhostetler
    RECEIVED BakerHostetler JUL 2 9 2019 CONSUMER p IO-i'i:GTION Baker&Hostetler LLP 999 Third Avenue Suite 3600 Seattle, WA 98104-4040 T 206 .332 .1380 F 206.624 .7317 July 26, 2019 www.bakerlaw.com Andreas T. Kaltsounis direct di al: 206.566.7080 [email protected] Via overnight mail Attorney General Gordon MacDonald New Hampshire Office of the Attorney General 33 Capitol Street Concord, NH 03301 Re: Security Incident Dear Attorney General MacDonald: We are writing on behalf of our client, Sage Financial Group ("Sage"), to notify you of a security incident involving two New Hampshire residents. Sage is a financial advisor located in West Conshohocken, Pennsylvania. Between May 11 and May 15, 2019, an unauthorized actor may have remotely accessed information in a single Sage employee email account. When Sage detected the unauthorized access, it secured the affected account and began an investigation with the assistance of a leading cybersecurity firm. After an extensive investigation requiring a review of access logs and a comprehensive manual review of emails and attachments for personal information, Sage determined on June 26, 2019 that the account accessed by the unauthorized actor contained personal information, including the personal information of the New Hampshire residents. The personal information in the affected account may have included names, Social Security numbers, driver's license numbers, financial account numbers, and usemames and passwords. Beginning today, Sage is providing notice via postal mail to the affected individuals in substantially the same form as the enclosed letter. 1 To help monitor for any potential misuse of their personal information, Sage is offering the potentially-affected New Hampshire residents a complimentary one-year membership in credit monitoring and identity theft protection services through Experian.
    [Show full text]
  • Guide to Credit Scoring, Credit Reference and Fraud Prevention Agencies 2
    Guide to Credit Scoring, Credit Reference and Fraud Prevention Agencies 2 Credit scoring – what is it? Assessing applications for credit Credit scoring is designed to produce consistent decisions and As a responsible lender, we take into account your personal to ensure all applicants are treated fairly. and/or business circumstances when opening personal and business accounts or establishing the appropriate level Additionally, we have policy rules to determine whether of credit to grant you or your business. To help us do this, we will lend. These reflect our commercial experience and applications may be assessed using a process called credit requirements. For example, if we have direct evidence that you scoring. have shown poor management of credit products in the past we may decline your application. How does credit scoring work? Credit scoring takes into account information provided Every application to open an account or borrow money directly by you, any information we may hold about you, and involves a certain level of repayment risk for the lender, no any information we may obtain from other organisations. matter how reliable or responsible an applicant is. Credit Where we use information from other organisations, this may scoring enables us to calculate the level of risk for each include a licensed Credit Reference Agency (CRA) (see Credit applicant based on the information we have obtained. If the Reference Agencies section below). level of acceptable risk to us is exceeded, we will not accept the application. If we decline your application due to information obtained from a CRA or if you ask us, we will tell you which credit reference This does not mean that any declined applicant is a bad payer.
    [Show full text]