Fraud Protection Is So Easy. Why Won't We Do It?
You can take these very
simple steps to protect yourself, or be like lots of tech companies and keep
doing the same dumb things that lead to losses.
BY HOWARD
TULLMAN, GENERAL MANAGING PARTNER, G2T3V AND CHICAGO HIGH TECH
INVESTORS@TULLMAN
I have come to believe,
sadly, that it's impossible to convince the vast majority of digital consumers
that they should take the few simple steps, and invest the embarrassingly
modest amount of dollars needed, to protect the security and confidentiality of
their passwords. You can explain things to people repeatedly, but the simple
truth is that you can't understand things for them. If only we could learn
what's important before it's too late, we'd be far ahead of the game.
Prevention rather than cure. It's so much smarter and cheaper to avoid the
pothole entirely than to get a great deal on a tow truck or a new tire.
But instead of
preemptive actions, we're lazy, we're sloppy, and far too many of us continue
to use the same short, stupid, and easily solvable passwords repeatedly across
multiple applications on our phones and PCs. This creates continuing and
growing risks of losses, which can be many times the amount of the costs of
avoidance through basic preventative actions. When you're dying of thirst, it's
too late to start digging your well.
There are simple,
cost-effective solutions for password and secrets management available from
firms, like Keeper Security, that do a first-class job of
password protection. But it's far harder than you'd expect to convince people
to invest the one-time effort needed to protect their identity and
most valuable assets. We're apparently all willing to invest far more in trying
to secure something good or advantageous than we are in trying to keep
something bad from happening. And, amazingly, it doesn't get much better or
easier to get consumers to make such a move even after they've been hacked --
whether they know it or not.
You'd think, if there
was any substantial group of easily targeted and prospective adopters for
security solutions like these, that major tech companies, consulting and
accounting firms, government agencies, and their employees would be high on the
list, but, here again, it's a matter of the shoemaker's kids and
large-scale IT departments generally do a horrible job of patrolling and securing their own environments and
enforcing consistent security measures on their own teams.
But what's struck me
lately is an entirely separate set of exposures that relate -- with apologies to Capitol One --
to exactly "what's in your wallet" and what would happen if it was
lost or stolen in a theft or carjacking. Even the best password plans won't
really help you much in this situation, but a couple of simple steps and about
15 minutes of your time can make a huge difference.
I know that we see
hundreds of ads every week online or on the tube about how quickly and easily
we can shut down or replace a lost card, but here's a flash: All the contact
numbers and URLs that you need to reach and tell the many issuers that your
cards have gone astray are on the cards, which are in your wallet which -- in a
case like this -- you no longer have in your possession. It's a lot like trying
to use "Find My Phone" app when it's your phone that's missing and
that's where the app resides.
Worse yet, if you asked
yourself and answered honestly, you'd admit that you really have little or no
idea of exactly what credit cards, debit cards, access badges, medical alert
info, insurance stuff, licenses, and other stuff are stuffed in your wallet or
purse at the moment-- and absolutely no idea of who or how or where you'd go to
cut off, cancel, or replace these items.
So, here's what I would
suggest to save yourself a great deal of grief and a lot of running around
trying to track down and contact all these various parties when the problem
arises. And, by the way, while this is certainly a phygital solution from the age
of bricks and mortar, you can use the Keeper Security Vault application on your
phone to quickly and easily digitally store all the images I’m talking about
below securely on your cellphone and have them instantly available to you there
in the event of a lost wallet.
1. Inventory your wallet
or purse.
Throw away the
four-year-old business card from the guy at the Omaha airport you never called.
Dump the hardware store receipt for the touch-up paint you bought and never
used. Recycle the expired proof of insurance cards for the cars you sold years
ago. Do you really need to carry your voter's registration card anymore? You
get the idea.
2. Copy the cards and
store the information in a couple of places.
Put all the cards that are
still current and in use neatly on the glass of your printer, copier, or
whatever (or use your camera) and make copies of the front and back. This
shouldn't be more than a page or two. Make a few copies of the pages. Put the
date you created the pages on each page as a reminder of how current your
backup plan is.
3. Take an extra 5
minutes to write the contact phone numbers on the images of the front of the
cards.
A lot of the critical
info -- sometimes even the card numbers themselves -- isn't on the front of the
cards, which is why you need to copy both sides. But to save time and
confusion, I also find the number to call and write that number for each card
on the face image of the cards on your compilation pages so it's handy when you
need it.
4. Do the same thing for
your significant other and make sure you each have copies of both lists stored
in a safe place.
This may take a little
discussion, but again, it's worth doing and it's a good way for both of you to
review, rehearse, and understand what the necessary notification steps are in
the case of any lost cards.
Pat yourself on the
back(s) and hope you never need these lists. But remember that the frequency of
these problems is constantly increasing and the costs of not being prepared and
equipped to quickly deal with them are also growing. It's so much easier to
anticipate these things than to try to fix them after the fact. And, while the
past is past, it's never too late to change the future.
