2187567007_b577ef1786_mWith more apps helping us manage our lives – whether it’s mobile banking, mobile shopping, or ordering a cab for the night – identity fraud remains arguably the biggest problem that too many businesses aren’t thinking enough about. If large corporations like Target, Sony, and Home Depot aren’t able to protect themselves or their customers’ data, then we all have much more to learn.

Are we taking too much on faith?

Identity fraud issues are common enough, but most of us don’t ever imagine we’re truly at risk. Consider this: A good friend does all her personal banking with one bank, and has a debit/ATM and credit card with them. Within the past 60 days, she has received two new debit cards and one new credit card, because the bank was aware that her cards had been used recently somewhere where her information might have been compromised. This would be fairly disturbing, but for the words “might have been.”

As it turns out, her information – luckily – wasn’t actually compromised. In fact, the only real hassle has been updating her billing information repeatedly for services like Netflix and other scheduled payments. No harm, no foul. Except for the false sense of security this resolution encourages.

The vague language of the bank and the seamless process of activating new cards dissuaded her from worrying or asking questions – but shouldn’t she have? Shouldn’t we all? It’s great that her bank, and many like it, erred on the side of caution by reissuing a questionably compromised card. But is that just a smoke and mirrors show? At what point does “might have been” become reality? And what measures are in place to ensure it never does?

What businesses (and consumers, frankly) should be talking more about is identity verification – and stopping fraud altogether. The better the verification process, the better the protection all around, right? And though it’s not as simple as it sounds, there are many technology solutions out there right now working on optimizing those processes, without making consumers feel like they’ve got to sacrifice too much in the exchange.

Feeling safe without feeling invaded

One of the major challenges of creating better verification software is actually having the necessary data to identify individuals. Many consumers, as much as they use tech, don’t trust it either. Consumers are concerned about privacy, and for good reason. Thus, that’s where identity verification software providers get stuck. To protect consumers’ data, they need to invade their privacy a little.

According to Trulioo, identity verification companies are starting to think about how to use public social media data to beef up their security. By leveraging both alternative (cyber) and traditional data sources, such as credit bureaus, citizen files, electoral rolls, and telcos, businesses are able to more confidently verify identities with real-time data sources. There are, of course, some issues – like the accuracy of social data, and privacy concerns. The key to getting consumers on board will be for providers and businesses to be clear that they’re using this information and technology to help consumers, not take advantage of them.

But consumers aren’t the only ones at risk. Businesses asking for consumers’ trust must first protect themselves.

Be the change you wish to see

Because when a hack happens, businesses can be at risk too. Not only might they have to pay damages like Target did, but they jeopardize the relationships they’ve worked so hard to build with customers.

Some vendors, like financial management platform Due, are informing their users on how to protect themselves, building their relationship by admitting there’s a problem, and committing to arm customers with the information they need.

Businesses will need different layers of identity verification depending on their size and scope. It’s important they think about it from all sides – how to protect themselves and their customers – and find the solution that makes them feel confident. One thing they shouldn’t do is not think about it at all, or assume they’re protected without gaining a deeper understanding of how the software they’re using works.

Allowing ourselves to become overly confident and complacent about the degree of risk hasn’t worked. Hopefully admitting there is still a problem, and working to stay out in front of it, will.