Thursday, May 09, 2024

Does Anyone Really Believe This System Will Actually Work Without Manual Intervention?

This appeared last week:

New government app to sound alert if criminals are using your private information

May 5, 2024 — 5.00am

A new smartphone app will alert Australians in real time if an identity thief tries to use their personal data to commit fraud.

Attorney-General Mark Dreyfus has announced an $11 million budget commitment for an online register that informs people if their data is being used to steal money or fake an identity.

The Credential Protection Register was set up after the high-profile 2022 Optus data breach, allowing exposed Optus customers to check if their personal credentials were being used maliciously. The government says it has blocked 300,000 hacking attempts.

Now Labor is expanding the program to allow the broader community, including those who have never been caught up in a data breach, to proactively check if their details have been compromised via the app.

“The register enables people who have had their personal details stolen to quickly lock down their information to prevent their data being used for identity crime and theft,” Dreyfus said in a statement.

“This in turn disrupts black market sales of stolen personal documents and illegal activities that rely on those stolen credentials including scams, money laundering and fraud.Qantas says it has resolved an issue that allowed users the ability to see other passengers' details, including boarding passes, on their phones.

“The mobile application will allow an individual to be notified, in real time, if someone is using their identity without their consent.”

The app, which is scheduled to be operational by the end of the year, would allow individuals to know in real time if someone has used their passport to update their details at the Australian Taxation Office, for example. In this situation, the individual could immediately act to counter the fraud.

The existing register has prevented attempts at fraud, including someone using a compromised passport to try to create a myGov account, and a bid to establish new phone plans using a compromised driver’s licence.

The government is confident the register itself will not be susceptible to hacking attempts because it says the tool does not act as a database and stores no personal information.

In a speech on Friday night highlighting the government’s looming privacy reforms, Dreyfus said both in Australia and abroad the “privacy of citizens is under attack”.

“We live in a world where data breaches and cyberattacks are now all too commonplace, and where cybercriminals and nefarious state actors seek out our personal information for financial gain or global strategic advantage,” he said.

“The global economy relies on data and personal information. We are all constantly producing valuable personal information as we go about our daily lives.

“Just about all of us are online, nearly all of the time, but in return for this Australians are increasingly being asked to share their personal information in online transactions. And they expect that when they do, their information will be protected and that they will maintain control over it.”

Here is the link:

https://www.smh.com.au/politics/federal/new-government-app-to-sound-alert-if-criminals-are-using-your-private-information-20240503-p5fotx.html

Here is the actual release: 

Mobile app to protect identity credentials from cyber crooks

The Hon Mark Dreyfus KC MP

5 May 2024

Media Release

The Albanese Government will provide an additional $11 million in the 2024-25 Budget for a mobile app and secure website that will enable all Australians to easily and swiftly protect their identity credentials from cyber crooks.

The funding over four years will build on the success of the Credential Protection Register which allows Australians to see when and how their identity credentials are being used to verify their identity, regardless of whether their credentials have been compromised.

Since it was established in October 2022 following the Optus data breach, the Register has blocked over 300,000 attempts to use stolen identity credentials.

The Register enables people who have had their personal details stolen to quickly lock down their information to prevent their data being used for identity crime and theft.

This in turn disrupts black market sales of stolen personal documents and illegal activities that rely on those stolen credentials including scams, money laundering and fraud.

The mobile application will allow an individual to be notified, in real time, if someone is using their identity without their consent.

Individuals will then be able to act immediately to control their identity credentials by enabling or disabling their use for verification.

These changes will give Australians full control of when and how their identity credentials are being used and allow them to disrupt illegal use of their identity.

This funding is in addition to the $3.3 million provided by the Government in the Mid-Year Economic and Fiscal Outlook to enhance the Register.

For more information on how to protect your identity – visit the IDMatch website.

Here is the link:

https://ministers.ag.gov.au/media-centre/mobile-app-protect-identity-credentials-cyber-crooks-05-05-2024

I have to say I can’t work out how this would actually work without manual detail entry. It sounds great but I need a few more details to become a believer!

Can anyone outline the ‘nuts and bolts’ for us?

David.

No comments:

Post a Comment