From meeting potential life partners on dating sites, ordering a taxi or booking our next holiday, many areas of our lives are going online. But as we sign up to more services, protecting our personal data and our digital security is more important than ever before, particularly in light of recent data breaches and the ever-growing threats of identity fraud.
Earlier this year the largest collection of breached data was discovered online, with over 770 million email addresses and passwords posted to a hacking forum. We’ve also seen some other high profile breaches in the past few months including Quora, which impacted 100 million people, and hotel chain Marriott International, where 500 million people had their personal information compromised – including their passport and financial information. And who can forget Cambridge Analytica?
We’re now sharing more personal information online; putting us at greater risk of being affected by a data breach. In 60 seconds alone, there are 3.3 million Facebook posts, 448,000 tweets, over 65,000 Instagram photos uploaded, and more than 1,000 WordPress posts. Hackers have numerous opportunities to obtain our details and use these to take over our accounts, set up fake profiles and even apply for credit in our name.
So what can we do to stay safe online?
Use verified digital identities to share information and ensure your digital security
When signing up to new services, we should be able just to share the minimum information required. Companies should only ask for the details they actually need from individuals and be transparent about why they need this information. If a website is selling age-restricted items, for example, they will need to ensure customers are 18 or over. In this instance, individuals should be able to share just their age, without disclosing other details. This data minimisation approach will help protect our privacy and confidentiality while giving businesses the details they need to be compliant. The less information we share, the more protected we will be against the risks of identity theft, and in turn, the less data businesses will have to store.
A digital identity gives individuals greater privacy, ownership, transparency and security over their data. It lets them share specific identity attributes – like their name and age – instead of disclosing a full identity profile. It also gives them greater control of their data as they consent each time they share information and decide who they share this with.
We should also be mindful about the amount of personal information we share online. When registering on social networks, dating apps or posting on job sites, consider what details you are sharing and who can see that information. Review your privacy settings to make sure your profile can’t be seen by anyone and everyone, and do not share sensitive information like your address unless asked for it by a verified source.
Employers or recruiters could ask candidates to share their verified information using a digital identity. This gives the employer confidence that the individual’s information, such as their name and nationality is genuine and accurate, and in turn, the individual knows who they are sharing their details with.
Keep track of your online accounts and don’t rely on passwords
When we create new accounts, we are often asked to secure these with a username and password. But these are no longer adequate for protecting our accounts and personal information. They can easily fall into the wrong hands or be compromised in a data breach.
Part of the issue is that many of us choose convenience over security and reuse the same login details across different websites, or use easy to remember passwords, 123456 continues to be the most popular password, with over 20 million accounts using this. While this makes our lives easier and more convenient, hackers only need to crack one password and chances are; they can then unlock and access a treasure trove of our personal information. This is even riskier if we use the same password to log into our social media and financial accounts.
Thankfully there are secure alternatives available, such as logging in with our fingerprint instead of entering a PIN or password. Biometrics are unique to the individual, preventing a hacker from using them to gain access to someone else’s account. They are also more convenient as individuals no longer have to remember different login details or face the dreaded ‘incorrect password’ message.
However, if a password is still required, a password manager can encrypt and securely save all of your passwords; offering a more secure way of logging into accounts. Ideally, a password manager would be secured with an individual’s biometrics and not a master password – as this password could become compromised.
It is also important to keep track of the different online accounts you have and delete any you no longer use. The more online accounts we create, the more likely our identity and personal information can be exposed. When Quora was breached earlier this year, many people were surprised to receive an email from them alerting them to the news as they had forgotten they had an account with them. A password manager is a good way to keep track of the websites you are signed up for as it can safely store your different login details.
Co-founder and CEO of Yoti. Yoti is a digital identity service where individuals own and are in control of their identity and data.