LifeLock

A little while ago [fluggart.com], I posted about LifeLock and how it doesn't actually prevent identity theft.

In Bruce Schneier's latest Crypto-gram newsletter, he wrote an article about LifeLock [schneier.com], how it does work, and how they have been the victim of a smear campaign by the credit bureaus. It is an interesting read. Here is a quote from Schneier's article:

"In December 2003... credit bureaus were forced to allow you to put a fraud alert on their credit reports, requiring lenders to verify your identity before issuing a credit card in your name. This alert is temporary, and expires after 90 days. Several companies have sprung up... that automatically renew these alerts and effectively make them permanent."

"This service pisses off the credit bureaus and their financial customers. The reason lenders don't routinely verify your identity before issuing you credit is that it takes time, costs money and is one more hurdle between you and another credit card..."

"And, so began a smear campaign on the part of the credit bureaus... The biggest smear is that LifeLock didn't even protect Todd Davis, and that his identity was allegedly stolen. "

Schneier then goes on to explain how most credit card companies could easily combat the most common forms of identity theft, and they don't like companies like LifeLock highlighting this for everyone. Apparently, I was horribly misinformed when I posted about this months ago. I'm glad that I understand the real story now.