Are We Losing the War on Identity Theft?


Steve Lappenbusch, Ph.D.
Tax and Revenue Strategic Market Planner, LexisNexis Risk Solutions

An identity is stolen every three seconds – adding up to about 27,000 per day. In 2012, more than 12 million Americans were victims of identity theft. Furthermore, there have been a record number of security data breaches in recent years that have exposed more than 822 million records, compromising individuals’ personal information such as name, Social Security number (SSN) or bank account. The likelihood that at some point in our lives  each of us will fall victim to a data breach or identity theft is alarmingly high.

Identity theft has become an epidemic for government agencies as well. No sector of government is immune for the simple reason that the government cannot possibly know all there is to know about a person’s identity footprint. This is advantageous to identity thieves. who take advantage of the vast quantities of confidential personal data that is transmitted online. They are using this information against us – and, sadly, they are winning.

There are three critically important factors that LexisNexis has learned that can help government stop the current epidemic of identity fraud. All three things challenge current assumptions in every government system:

  1. Everyone’s identity has already been compromised. 
  2. Government programs cannot possibly know all there is to know about a person’s identity. Identities are always bigger than the government.
  3. To assess an identity for risk, you have to understand identity risk outside government data.

Simply put, we are losing the war on identity theft. Our identities are freely available for pennies a piece on the Internet. It is time to defend ourselves against a crime where the fraud weapons used against us are our own identities. This is a fundamental change in the assumption around identities in government systems. Self-reported data must all be suspected, as most, if not all, identities have been compromised over time. Once the identity is assumed to be stolen, a new approach in identity risk analysis must be used.

Proceeding from the new, data-driven assumption that all identities are already stolen enables the government to think outside the traditional box of identity protection and begin thinking in terms of risk – identity risk. Specifically, how do tax agencies control the risk of all those stolen and synthesized identities hitting their tax systems – tax systems never originally designed for a world where you could not depend on the identity presented?

So, what is the answer? An approach that embraces identity risk analysis, rather than data matching, has proven effective at the state level. Primarily this means analyzing input tax identities against identity information far outside the tax system, or any government system, and against analytics derived from decades of identity risk expertise. 

Avoiding costly identity risks requires reconsidering what an identity really is, carefully cataloging and mapping your identities, and leveraging a unique combination of expertise, patented identity integration technology and a massive, unmatched, nationwide repository of identities going back more than 40 years. This allows you to take into account the complex, dynamic and rapidly changing nature of tax filer identities. It can also solve both owned and matched identity risks simultaneously by allowing identity integration. 

To learn more about identity challenges and risks facing the government today and solutions to help resolve these issues, visit