Author: Keith Collins / Source: Quartz
Identity theft is often a multi-layered process. Once a thief gets one bit of your information, they try to use it to get more. The hackers behind the 2015 data breach of the US Internal Revenue Service (IRS), for example, used personal information they’d previously stolen from thousands of Americans to answer security questions on the IRS website, and in turn get access to their tax returns.
The security questions asked about personal details, like, “On which of the following streets have you lived?” and, “What is your total scheduled monthly mortgage payment?”
The hackers in the IRS case successfully got through that security measure, but what if the agency had a system in place that could detect whether the person answering the questions really was who they claimed to be? In a recent study conducted in Italy, researchers demonstrated how such a system could work.
In the study, published recently in PLoS One, the researchers quizzed 40 respondents about their personal details. Half of the respondents were asked to answer the questions…
Click here to read more
