Thursday, April 2, 2009

A different kind of identity theft service

About 18 months ago I drove two hours from my home in Springfield to meet with a man in Beaverton, Russel Weight, who wanted to talk to me a bout a web service he was developing using a software component I am familiar with, Catalyst Web Framework. He had declined to describe it; he wanted me to sign a non-disclosure agreement. I arrived at his house and we sat down at his kitchen table. We talked briefly about the way the project might be conducted, and whether we would be a good working fit. Russ let me look over the agreement; I signed it, and Russ took a deep breath and shared with me his vision, the first time he had pitched the idea to anyone outside his immediate circle.

Immediately I was floored by the scope of it. Russ wanted to get every bank and creditor in the country to check all of their new accounts with a central database - that he would build from the ground up - so that applicants whose information didn't match would be prevented from opening accounts in others' names.

At first, and I've never admitted this to Russ, I thought the whole thing was too crazy to work. I raised some concerns, and Russ addressed them. Soon I was encouraged. I began making suggestions. Soon we were bouncing ideas back and forth. Russ was well funded, was a skilled programmer in his own right; and just needed a little guidance how to build this system for the web. The project was right up my alley; I'm a big fan of radio consumer advocate Clark Howard and fascinated by the inability of the financial industry to engineer a solution to the identity theft problem. Together Russ and I spent weeks and months developing a specification, and refining his service model into something really amazing.

The brilliant twist in Russ's concept was that he would store all sensitive information in his database using irreversible cryptographic hash functions so that the information he stores could never be used to facilitate identity theft. This in addition leads to the creation of an application which is exceedingly secure at all levels. After I took my new position as a software engineer with End Point Corporation, I felt confident enough of this to ask my new bosses to endorse the site's security.

The bottom line is that I heartily believe in the Identity Profiles vision of eliminating social security number based credit card theft completely. If anyone can do it, it is Russ, with his bold vision, infallible integrity, and amazing ability to find common sense solutions to large problems. Common sense is one thing we've been lacking these days!

So, please take a look at the identity theft prevention services and consider participating in this noble effort!

No comments: