High-tech crime: Technology is a double-edged sword in the world of crime, writes Joe Humphreys.
Law enforcement agencies rely on it to an ever-increasing degree - as witnessed by the proliferation of CCTV cameras, developments in forensic science such as DNA testing, and the creation of computerised criminal databanks, like the Garda PULSE system.
But criminals are also moving with the times, using ever-more sophisticated methods of breaking, and evading, the law - no more so than in the area of fraud. Credit card "skimming", telephone-order fraud, and identity theft are just a few of the "crimes of the future" already with us today.
"Fraud is becoming the crime of choice for organised criminals," says Mr Peter Dorrington, an expert in the area, who estimates that fraud is costing Irish business €3 billion a year. A "conservative estimate", he says, is that between €150 million and €250 million of this sum is attributable to identity theft, the incidence of which is growing by "more than 50 per cent" in the UK each year.
Identity theft involves a fraudster obtaining one's financial, social security or consumer details in order to commit fraud in that person's name. Depending on the amount of information accumulated, the fraudster can apply for a credit card, driving licence or even a passport using the identity of the victim, who will not know about the violation until a debtor or, worse, the Garda, comes knocking at the door.
"Fraudsters are turning more and more to ID theft because institutions have got better at spotting people using fraudulent or created identities," says Mr Dorrington, head of fraud solutions at UK-based technology firm SAS. "What we will see in the future is ever-more sophisticated attacks on identity."
Irish financial institutions have been slow to admit to a problem in the area, and slower still to tackle it, according to critics of the sector. The Irish Bankers' Federation estimates that credit card fraud is running at about €6.3 million a year. The Irish Payment Services Organisation, an umbrella body which provides technical support to financial institutions, puts the bill closer to €7 million-€10 million.
Exact figures are hard to come by because the banks won't include them in their accounts. "They're afraid if they talk about fraud it will impact on their reputation," Mr Dorrington explains.
A number of "skimming" operations have already been exposed in Ireland, most notably in February 2002 when a father of one was sentenced to four years, with one year suspended, by the Dublin Circuit Criminal Court for masterminding a fraudulent credit card operation in the capital.
Under the scam, card details were copied on to a data reader, which could store information on up to 500 cards at once - each with a potential limit between €10,000 and €15,000. It took between two and three weeks before the holders of the genuine cards to realise they had been billed for purchases they didn't make.
In order to combat such crime, banks are moving towards improved security measures, including "chip and PIN" technology whereby consumers enter a pin number that is matched with a microchip on the credit card each time they make a purchase. The scheme, which requires retailers to install new security units at check-out desks, is being introduced on a pilot basis in Naas and Newbridge, Co Kildare, next summer. The aim is to have it up and running nationwide before a European deadline, which has been set by Visa and Mastercard, of January 1st, 2005.
As for identity theft, Mr Dorrington says the main weapon at present is "cross-checking multiple sources of data" to confirm identification. This means analysing everything from previous credit records to current spending patterns. Anything peculiar should set off alarm bells under a bank's "KYC - Know your Customer" policy.
"For example, do window cleaners earn €200,000 a year? Probably not," Mr Dorrington remarks.
Institutions creating databanks of personal information also sets off alarm bells, however.
Irish Council for Civil Liberties director, Ms Aisling Reidy, says the "biggest fear is the phenomenon of function creep, the idea that you bring in something to combat crime but then in 18 months' or two years' time it's being used for other purposes".
She notes privacy rights are already under threat from a number of crime prevention initiatives, including proposed legislation which would see telephone data retained for scrutiny by gardaí and other law-enforcement agencies, and a planned new passenger screening system for anyone travelling to America.
Under the scheme, everything from one's travel patterns to one's employment record could be monitored by US security agencies which, Ms Reidy notes, would not be subject to Ireland's Data Protection Acts.
The ICCL has similar reservations about the creation of a DNA databank, and the proliferation of CCTV cameras where there are no safeguards over access.
Mr Dorrington admits data retention poses a danger of "internal abuse" but he believes "knee-jerk reactions" shouldn't dominate debate over the issue - especially as the threat of fraud and technology-based crime increases.
Series concluded