THERE'S A GIANT SHOPPING SPREE GOING ON, AND you can be part of it! Thousands of people are buying millions of dollars' worth of stuff, using credit cards with your name on them.

What? You haven't been a victim of identity theft yet? Don't worry, you will be soon, if the card issuers don't clean up today's rampant free-for-all.

It's often reported that 700,000 people were victims of identity theft in the United States last year, based on Federal Trade Commission figures. But that number is seldom put into context. It far outstrips the 418,000 robberies committed in the country in 2002, according to the FBI's Uniform Crime Reporting Program.

And the FTC's count may actually understate the problem. A new survey by research firm Gartner (see www.bri.li/3321) shows that as many as 7 million Americans fee) they've been subjected to identity theft or something like it in the past year.

Identity theft turns people's lives upside down. After someone has run up massive unpaid bills in your name, you often can't get a mortgage or refinance your house for months while you try to clear your name. Meanwhile, that ringing sound you hear is yet another collection agency calling you up about charges you swear you didn't make.

Identity theft is being stoked by computers programmed to blindly issue credit cards or telephone calling cards to vermin who apply in other people's names. Just enter someone else's information, plus a Social Security number perhaps, and out pops the plastic. Char-r-r-ge!

This plague of pilfering has crept up on us because we thought it was someone else's problem. We need to take action before we're hit with more bogus credit card charges than legitimate ones, just as there are now more spam messages than legitimate e-mail.

Computer professionals are not unaware of the problem. Last month, a new program was announced by BITS, the technology group of the Financial Services Roundtable, an association comprising the country's 100 largest financial institutions. Leaders of the organization described a new "uniform affidavit," a single report that banks and credit card companies would accept from identity theft victims rather than requiring multiple statements (www.bri.li/3322).

Hmm, wait a minute. How would a redesigned form stop identity theft? You can't use the form until you've already been bilked. Redoing the paperwork is like noticing that a roving maniac is taking swipes at people with a chain saw and then offering Band-Aids to the victims who've lost arms and legs.

Asked about this, BITS CEO Catherine Alien said, "We've been focused on the prevention side as well as the victim-assistance side." Alien cited the group's fraud reduction program, a series of bestpractices white papers that businesses are advised to follow. I sure hope that works.

Unfortunately, we can't count on the credit industry to clean up its computer procedures on its own. That's because the issuers don't bear all the costs of fraud. When a credit card obtained through identity theft is used to buy products, the store that handed over the goods often loses the full amount — plus a $10 to $100 "transaction fee." That's despite the fact that the credit card issuer sent out the bogus card and provided authorization codes before the purchases went through.

One ray of hope is that some big players realize that things have got to change. "There are some credit card companies that do a better job than others in checking identity," said Jay Foley, co-executive director of the nonprofit Identity Theft Resource Center (idtheftcenter.org). Three innovators, in his opinion, are "Capital One, Citibank, Chase — these are all companies that are taking a more proactive approach." Operations such as these, Foley said, actually contact credit rating firms to verify the identity of the person seeking credit in your name.

That helps, but until more issuers follow suit, don't be surprised when the Brooklyn Bridge shows up on your credit card statement.

Identity theft is being stoked by computers programmed to blindly issue credit cards to vermin who apply in other people's names.

Send your comments to eweek@ziffdavis.com.

~~~~~~~~

By Brian Livingston

His column appears every other week in eWEEK.