Slowing fraud requires executive order on digital theft

It is Groundhog Day again as another State of the Union address has come and gone with the administration missing an opportunity to lead on digital identity. 

It’s been two years since President Biden first announced his intention to take executive action to “prevent and detect identity theft involving public benefits, while protecting privacy and civil liberties and preventing bias that results in disparate outcomes.” The announcement came in the wake of unprecedented levels of fraud from criminal enterprises and nation-states that cost the nation billions. 

And while last year’s National Cybersecurity Strategy emphasized the importance of addressing digital identity challenges at the national level, there has been no action and a lack of details on the path forward. 

It’s well past time the public sector builds a digital identity ecosystem that works for everyone, because the simple truth is that today, the federal government isn’t doing enough to stop fraud. 

Fraud losses surpassed $10 billion in 2023 

A financial advice columnist got a call from an online retailer. There was suspicious activity on her account and, due to a rise in identity fraud, she was being transferred to a representative from the Federal Trade Commission. 

The person on the other line knew her Social Security Number and said accounts in her name were being used to perpetrate crimes like money laundering and drug trafficking. To secure her savings, she must withdraw $50,000 in cash. Only after she’d parted with the money did she realize she’d been scammed. Unfortunately, hers was not an isolated incident.

The fact is that 2023 was a banner year for fraud. 

According to a recently released report from the Federal Trade Commission, fraud losses reached a record high of $10 billion in 2023. Younger adults – Gen Z, millennials, and Gen X – were victimized at a higher rate than older adults. Identity theft was the top reported complaint. And the rise of Generative AI enabled new fraud techniques that went undetected by traditional approaches.  

Yet, identity fraud is not a new problem. My colleagues and I sounded the alarm years ago when we were in government. We saw the need for modern approaches to digital identity management, including public-private partnerships, new technology innovation, new acquisition approaches, and new processes. Unfortunately, a lack of accountability and focus resulted in little to no changes in the years that followed. This is now a glaring gap that has persisted across administrations.

What the digital theft EO should include 

The long-anticipated executive order on digital theft should include plans for robust identity verification that stops fraud and provides equitable and timely access to benefits. This means: 

• Fighting AI with AI.  Government must acknowledge that only advanced technologies, and not humans, will be able to accurately determine if an ID is valid. 
• Prioritizing transparency. Government must require the reporting of key measurements, like accuracy and equity, to highlight what works and what doesn’t and move away from legacy systems proven to be unable to detect and stop new threats.
• Adopting a layered-defense approach. Government
•  should invest in new approaches that look at every aspect of an identity, including liveness detection, instead of relying on a single point of protection.

Bad actors are showing no signs of slowing down and protecting people from fraud requires bold, and swift action.  The time to act is now.