It upsets me a lot how these financial institutions have complete power over us. God forbid a bank writes a loan to a scammer in your name, cause to them it's your fault. Absurd!
Yes!
The only real change that needs to happen is that banks needs to be liable for loans they write in your name fraudulently. If they accept stolen data without verifying it is actually you, it needs to be their fault.
The current system of it being your fault makes no sense.
> banks needs to be liable for loans they write in your name fraudulently
Is this not the case already? I know that it could be an incredible hassle to prove that you didn't take out the loan and that someone else has stolen your identity. (There's also the question of who has the onus of proof -- you or the bank.) But if it's a fraudulent loan and you could prove it was fraudulent (which I agree could be difficult to prove), can you be held responsible?
> But if it's a fraudulent loan and you could prove it was fraudulent (which I agree could be difficult to prove), can you be held responsible?
The simple answer to this is "no." Identity theft can take time and, occasionally, a small amount of money to clean up. This has a very real cost if you happen to be a person that has little of these resources. But you can never* be held responsible for a loan you didn't take out.
This is also the core reason why Equifax has not suffered many consequences: it's because the real world harm of their negligence simply wasn't that significant. I don't even know if there is any data to show that the number of identity thefts has increased in the wake of their breach.
*Unless I guess you receive a summons to a court date and don't show up and someone gets a default judgment against you. "Never," here, as usual, means "extremely rarely."
From a quick Google search I got "Online fraud attack rates have increased by 13% since the start of 2017, according to a new study from e-commerce fraud-prevention provider Forter. Digital goods—including gift cards, gaming and music—experienced the sharpest increase in online fraud in the wake of the Equifax breach, soaring 167% between the first quarter of 2017 and the same period a year later, Forter said. E-commerce sellers of electronics saw a 66% increase in online fraud over the same period, and online fraud in food and beverage also showed a sudden surge." though who knows how reliable that is.
One thing I hate about massive corporations is that there's no semblance of accountability. I'm not looking for Hamurabi's law, but as long as companies can act with impunity in the face of the law we're in for a rough future :[
The thing is, the burden of proof shouldn't be on the victim to prove that the loan was fraudulent. The bank should have to prove that it was valid otherwise it's automatically ruled in the victim's favor. You know, innocent until proven guilty and all that.
If an average individual had done this, they would face charges (and they should.) But mysteriously when it is done tens of thousands of times it somehow becomes legitimate. I'm a pretty liberal person but I am deeply disappointed in the previous US administration for not pursuing this scandal towards justice.
Equifax really isn't a financial institution. But yeah, in a capitalist system, it shouldn't be surprising that capital has power over you just like in a monarchy, the monarchs have power over you.
Power is never taken. It can only be given. That’s why threats of violence from the would-be rulers are usually necessary. A few people having power over the many is because the many don’t scare the few.
Just issue public/private keys to citizens. They sign with their private key, banks verify with their public key. Anyone can request your public key from the Social Security Administration via API. Done.
The SSN acting both as the identifier and the password is the real problem, and throwing the blockchain into the mix just complicates things more.
We still need a central agency. It's the authentication method that is pathetically worthless.
Terrible idea. If you try to force users to do key management, you've lost.
Keybase is the only one getting this right, and people are now claiming they're ignoring security in order to do it. It would be a dumpster fire to trust government agencies to get the design requirements right.
For the last several decades, many of us Americans have become too skeptical about what government can do in terms of technology, even while it's completely true that government often gets it wrong.
Let's all move to a system where, once someone has taken a fraudulent loan in your name, it gets put on a permant record that can't ever be changed or undone, what a great idea!
You'd think that crypto proponents would have learned after the first five major bitcoin breaches and millions of dollars of losses without recourse, that having trusted people with the power to change transaction history is a good thing.