Desjardins partners with Equifax, but can they do more

Desjardins partners with Equifax, but can they do more Credit worthiness is at the forefront of every consumer's mind when making a substantial purchase because sometimes it can be the only deciding factor needed to make or break a transaction. Fraud is a crime that threatens every Canadian, regardless of their education, age or income. The estimated damages of fraud cost Canadians between $10 to $30 billion dollars annually. In June 2017 just over one-fifth (21%) of Canadian businesses reported being victims of cyber security incidents that affected their operations, forcing all Canadian business to spend in the same year $14 billion dollars to prevent, detect and recover from cyber security incidents. In the digital age, cyber security measures are constantly being challenged and compromised by full-time cyber criminals who work relentlessly to penetrate databases with the hopes of committing fraudulent offenses with the personnel information of millions of innocent, unsuspecting Canadians. Just as we have recently seen in Quebec, where millions of people became overnight victims of the province’s most disastrous data breach in it’s history. The personal information of customers belonging to the financial institution Desjardins were stolen by an employee; currently affecting 2.7 million individuals and 173,000 business accounts. Which amounts to approximately 41% of the company’s customer base. Desjardins immediately responded by graciously offering 5 year’s worth of Equifax credit monitoring at no cost to all those affected by the breach, but many have been questioning if this helpful gesture is nothing more than a temporary remedy. One of the affected clients is former Desjardin’s President Claude Béland who lead the company from 1987 to 2000, has told Radio-Canada that he received letters from 3 companies advising him of debts he has with them and when he contacted them to advise them of their mistake, they told the former president that his social insurance number and personal information were on file. Members of the credit union want to know if credit monitoring will provide long-term protection against identity fraud and if the Canadian government will seriously consider issuing new social insurance numbers to the affected individuals to protect them from the same problem Mr. Béland has been forced to deal with as a result of this breach. Arguably not everybody affected was keen on working to help the company during this trying time. Within 24 hours of notifying their clients, 2 Quebec residents filed class action lawsuits seeking a combined total of $11.89 billion dollars in compensation and punitive damages; with one lawsuit further requesting credit protection be extended for a total of 10 years. Desjardins clients and concerned consumers are constantly questioning the safety of their personal information because the solution provider chosen by Desjardins has been the victim of a global third-party data breach in the past. In 2017, over 143 million American and 10000 Canadian payroll employees were informed that their sensitive and personal information had been accessed because of a security breach in Equifax’s "Work Number" service. This Equifax department provides employers and employees access to an online portal where they can obtain a detailed history of their salary information, automated employment and income verification for prospective employers, fast-track mortgages and loans with lenders etc. The impact of this data breach has not yet been fully measured to test the long-term impact and fraud risk factors for the affected clients. Many are left to wonder if Equifax can ever truly protect them in the future after experiencing a security breach of this proportion. So far Equifax is living up to their guarantee of making substantial changes surrounding customer security. Within 8 days of reporting the breach in 2017, Equifax provided their clients with an in-depth breakdown and analysis of the incident and the measures they have taken to secure and rectify the impact of the breach. They invested over $200 million dollars in their data security infrastructure and immediately hired outside experts from two different firms; one to conduct a comprehensive forensic investigation and the other to redevelop their security program. The changes did not stop there, in July of 2018 Equifax was required to submit monthly progress reports to regulators and signed a consent order with regulators from eight states agreeing to specific improvements, like demonstrating that it has improved oversight mechanisms, security audits, and threat monitoring; as well as a third-party firm who will test to confirm that the improvements are in place. They demonstrated to their clients, government agencies and regulators that their customers needs are no joking matter and put forward the necessary measures to protect their customers information and to regain their trust. Canadians recognize that Desjardins was amongst the leading, innovative big banks in the country prior to the security breach that exposed the information of millions of customers. Consumers and clients alike however shall not forget the great strides Desjardins has made over the last few years to be proactive surrounding the safety of their customers personnel information. In 2018, Desjardins aligned themselves with key industry partners to found a company that focuses on fraud detection and identity theft and earlier this year in February, Desjardins committed to provide the Polytechnique Montreal with $1.25 million over five years to research cyber security and artificial intelligence. According to the American Federal Trade Commission for Consumer Information, when stolen information is publicly shared on a hacking website it only takes 9 minutes before fraudsters begin to pass transactions in the victim's name. The alarming speed at which online criminals can compromise a person’s life is staggering and terrifying. That is why company’s have to be proactive and work with industry leaders and innovators who are able to provide consumers with reliable, long-term peace of mind instead of dispensing temporary fixes. Consumers are waiting restlessly to see when, how and what cybersecurity professionals are going to come up with to help consumers stay safe from fraudsters. Two words come to mind: Artificial Intelligence. The future is going to be all about mitigating risks promptly and effectively by leveraging machine learning solutions in order to guarantee service delivery excellence; during every interaction, every single time. By using passive biometric behavior analysis and real-time two step authentication with perpetual detection of digital abnormalities, users experience genuine persistent security throughout the lifespan of their online session, regardless of how a breach occurred; internally or by hackers externally. The current machine learning security solution capable of providing service delivery excellence, legal and regulatory compliance and persistent two step real-time biometric traffic monitoring is currently being developed by IBM F8th. The machine learning software gathers and analyses billions of anonymous and inconsequential data elements. These elements are then gathered to create a unique biometric user profile based on the user’s online behavior. The unique biometric identity created for the user is responsible for perpetually maintaining the integrity of the online session because each profile is nearly impossible to duplicate. In the event of a breach, the clients personal accounts cannot be accessed, nor will they be required to change passwords or update their account because the fraudsters digital biometric identity will not and simply cannot correspond with another person’s biometric profile, because no two digital fingerprints are ever the same. This form of peace of mind provides consumers with round the clock, real-time traffic monitoring that immediately detects and protects them from malicious attacks and intrusions. By delivering a cybersecurity solution that learns and improves itself automatically from experience without being programmed, companies begin to eliminate the costs and need for multiple databases and security solutions. Maintaining user privacy and safety by leveraging artificial intelligence is the next step for the industry. Consumers are tech savvy and won’t tolerate being kept in the dark, especially when it’s concerning their credit worthiness. Solutions are emerging today that will surpass the expectations of all interested parties, the question is how long will it take for companies to get on board and implement F8th, because it seems to be the only solution in sight that can offer lasting protection from identity fraud and save consumers and companies millions of dollars and thousands of man hours attempting to fix hopeless cases.

Published: July 15th, 2019 Written By: Fatima-Zahra Kajji Designed by: Fatima-Zahra Kajji