Published: Thursday October 29, 2015


The news that yet another major organisation – British Gas – has suffered a data breach will add to the already growing concerns amongst business leaders as to who may be next. Earlier attacks on Talk Talk, Carphone Warehouse and T-Mobile among others just emphasise how much pressure organisations face in trying to stay one step ahead of the fraudster. In a recent survey by PwC, it was revealed that nearly 9 out of 10 large organisations have suffered some form of data security breach in the last 12 months. Yet ironically it is our continuous demand for better customer experience and instant access to products and services that is fuelling the growth of data exchange between organisations and consumers. Think of an online shopping experience with no automated address lookups, or trying to open a bank account or take out an insurance premium with the need to present physical documents at the nearest branch. As consumers, we all want what the Internet offers and are prepared to share our data to make the experience as quick and easy as it can possibly be.

Which leaves the organisations we interact with in possession of a hugely valuable commodity – the data that reveals who we are as individuals. Data is the fuel of the digital economy; if there isn’t enough flowing around the system, core business processes we have come to rely on simply cease to operate.

  • Is this person who they say they are – and the right age to access our products?
  • Are the transactions going through this account consistent with previous customer behaviour, or a sign of fraud?
  • Can we offer to ‘remember’ this customer’s information to improve their account access rather than asking them to key it in afresh each time?

So I have some sympathy with the management at British Gas, TalkTalk et al – keeping on top of what is happening with every customer account, all the time, is an immense challenge. But it is one that, in the identity data intelligence sector, we have to join forces to overcome. And, ironically, the best chances we have of doing that is to ensure that we don’t cut off the supply of data that helps us understand the bigger picture. For instance, data sharing among organisations helps to identify potential new trends in fraud or cybercrime before they hit; and electronic ID verification systems need reference data from outside the organisation to check if what the customer is saying is really true.

Data is one of the most valuable assets an organisation now owns – the criminals are proving that. But it’s my belief that the transparent and responsible use of our personal data is also the most powerful tool we have to take them on.