Online Identity Theft

Stolen Online Identities

Online identity theft is increasingly threatening Internet users. In Q1 2012, fraudsters traded over 12 million pieces of personal information online, a 200% increase over 2010.

BBC Warning about online fraud as information theft rises

Most people were unaware of their identity had been stolen until they were denied access to a service and in many cases, after irreparable damages were caused.

Most users have more than 26 online accounts but use only around 5 different passwords. In the past year, there have been a slew of attacks on websites resulting in user accounts being compromised: LinkedIn, eHarmony, Last.fm, Yahoo!, Android Forums, Billabong, amongst others.

Static Passwords Are Inadequate

Many of the online identity theft cases can be traced to the fact that the userid/password credential used by the victims in accessing a particular online service was compromised. The use of traditional static password is one of the biggest security vulnerabilities in the network world.

These userid and static passwords can be easily stolen by various forms of spyware that may have infected the client devices. More sophisticated techniques including network traffic sniffing can also expose this kind of highly sensitive information to hackers with malicious intents. Security breaches in the host systems of the online service providers are also a common cause of user identity theft at a grand scale.

SecurPAP: One-Time Password, 2-Factor Authentication

SecurPAP uses One Time Passwords (OTP) technology to protect user identity and to promote the adoption of OpenID in managing online identity.

OpenID is emerging as an industry standard in managing user identities. Its main concept is to offer its user a unified identity in accessing different online services and resources.

SecurPAP complements the OpenID standard by offering its user a much stronger security protection scheme through the use of dynamically generated OTP instead of the conventional static password.

Online services supporting the OpenID standard can be easily setup by the user to redirect future authentication requests to SecurPAP. This redirection is through the use of an encrypted ID that SecurPAP generates for this user. This scheme allows the user to protect his/her real identity and access credentials.