A Review of the Evolution of the Identity Protection Industry
It’s 2003, and the United States Federal Trade Commission (FTC) has just released some scary findings about this new crime called identity theft. There’s not much you can do to prevent it, and its effects are alarming – the FTC reports that the average victim in the U.S. spends about $1,200 and 60 hours trying to fix their identity theft issue.1 At this time, almost any type of identity theft protection or prevention service is solely focused on credit or data monitoring – which, as we know today, is just a single component in safeguarding one’s identity. Indeed, the concept of identity theft was still in its infancy in the U.S., and, at a global level, it was barely being discussed.

At this stage, fifteen years ago, Generali Global Assistance (GGA) took a different approach.

Being owned by the company that invented the concept of real-time care assistance over 50 years ago (Europ Assistance), providing compassionate assistance to people in times of need is in our DNA. Today, we remain a global provider of assistance services to people in the fields of health, home and family, automotive, and travel, helping thousands of companies protect their customers and employees from life’s difficulties. Thus, the protection and restoration of identities was a natural fit for us as we came to know and understand the devastating ramifications that identity theft can have on people’s lives and families.

Accordingly, we launched identity theft resolution services via a business to business (B2B) offering, becoming one of the first identity protection providers to focus on helping the person behind the data. Monitoring services alone simply alert customers of suspected fraud incidents and stop there, leaving the victim to pick up the pieces and attempt to restore their identity on their own. As a company firmly rooted in the mantra “We care,” our goal was, and still is today, to go above and beyond for each one of our client’s customers. For those dealing with the aftermath of identity theft, we attend to the time-consuming and stressful tasks of contacting and following up with creditors, credit bureaus, law enforcement, and other third-parties on their behalf, while also providing compassionate assistance and expert advice to help put their mind at ease – something most other identity protection providers weren’t doing at the time and, frankly, some still struggle with today.

Nevertheless, identity protection as a consumer product was very much still emerging a decade and a half ago, and most people held a false sense of security that something so life-changing could never happen to them. It’s different though today, in that our current climate has almost normalized large-scale data breaches and compromised personal information. Undeniably, awareness levels have increased since 2003 – and whether that’s good or bad is up to interpretation. What is certain is that the identity protection landscape has also evolved to keep up with the ever-advancing crimes of identity theft and fraud.

Today’s Identity Protection Services
The need for identity protection across the board has become increasingly apparent, and, as a result, more and more players are entering the identity protection space. The current landscape is varied, with some companies monopolizing the direct-to-consumer market, others operating more behind the scenes in the B2B realm like GGA, and even major credit bureaus and credit card companies have found opportunity to capitalize on the growing industry. The types of services offered by these players also run the spectrum, with some merely tacking on complimentary credit or identity monitoring services to a core offering and others offering an entire suite of identity protection services that make up a more comprehensive program.

The more devices that ask us to input our data, customize to our personal preference, and access remotely, the more gateways there are to identity theft

Today, GGA’s offerings have certainly expanded but are still firmly rooted in full-service resolution services. Between 2008 and 2014, we added identity monitoring and alerts, 3-bureau credit monitoring and alerts, and an Online Data Protection Suite with anti-keylogging and anti-phishing software. In addition, GGA’s resolution team became Certified Identity Theft Risk Management Specialists (CITRMS) and FCRA-certified by the Consumer Data Industry Association. In 2016, we launched our most robust identity protection product yet – a 360° platform with a single, easy-to-use online dashboard – and we’ve since expanded our offering globally to also include smartphone protection with secured browser and keyboard. Today, GGA’s identity and digital protection product offering is pinned around four pillars: experience, solutions, technology, and service – none of which should be compromised.

We don’t offer our products and services simply because they’re popular – for us, it’s the result of consistent research and continual awareness of a need that continues to grow. Looking back, we started offering identity protection services for a very simple reason: there was a genuine need to help people that wasn’t being fulfilled. Today, that need has evolved (e.g., IoT, data globalization, etc.) and become a global concern, and we’re leveraging our resources to address it. Our offering has naturally evolved and advanced over the years – to better protect our customers – and we’re sure it will continue to change and evolve as the identity theft landscape will as well. No matter what, our mission will always remain the same – to protect and help people.

The Future of the Identity Protection Space & Its Influencers
The more devices that ask us to input our data, customize to our personal preference, and access remotely, the more gateways there are to identity theft. Indeed, the digitalization of even the most ordinary of objects has taken us to a place that’s more opportunistic than ever for identity thieves. But it’s not all bad. Our highly-digitalized lives have afforded us opportunities and conveniences that some of the greatest engineers could have never fathomed several decades ago. Digital globalization has given power to small one-man shops, allowing them to compete globally and sell to quite literally anyone in the world.

Recognizing that there are some things consumers have control over and others that they don’t, consumers must use their voices to create change.

With so much information being shared, downloaded, and accessed cross-continentally, there should be a global platform seeking identity and cyber protection for all. We’re still a long way from such an idealistic approach, but the European Union’s induction of the General Data Protection Regulation (GDPR) was a major step in the right direction. Having officially gone into effect on May 25, 2018, its goal is to fundamentally protect all EU citizens, no matter where they are in the world. Thus, the new data privacy regulation will apply to any company that does business with an EU citizen. As more countries start looking at data privacy and protection like this for their citizens, it won’t be such a big leap to start talking about personal identity protection for all.

With half of the world’s traded services delivered digitally,2 businesses are no longer confined to serving local customers; the world is their consumer now. And yet, today, most businesses abide by only their country’s (or, for those in the U.S., their state’s) legislation regarding data privacy and breach notification. Unfortunately, most laws are inadequate at best, leaving consumers’ identity and digital protection primarily their responsibility – even while it’s oftentimes out of their hands.

Recognizing that there are some things consumers have control over and others that they don’t, consumers must use their voices to create change. They can begin by putting increased pressure on their local legislators to encourage them to play a bigger role in putting more global regulations in place. And because every country has their own unique challenges in the identity protection realm, governments need to listen closely so that they can best meet their citizens’ needs. Consumers should also feel empowered to force the companies that they do business with (locally and abroad) to provide more transparency into how their data is being protected.

Clearly though, data privacy and consumer protection isn’t going to change overnight, and we know it’s going to be an uphill battle – that’s why we’re doing our part too. At GGA, we recognize that education is a key piece in better protecting consumers; after all, they are their own best identity advocate. Education is a key component in the products we offer, and we’re also present in the space to help foster consumer education. By participating in and partnering with various identity-focused organizations such as the University of Texas Center for Identity and the Identity Theft Resource Center, and speaking at industry events, such as the U.S. Federal Trade Commission’s Conference on Identity Theft, we understand our responsibility to remain engaged in the industry so that we can, ultimately, help shape it for the better.

Additionally, GGA is continuously exploring new products and solutions to stay ahead of identity thieves. One of the most popular trends we’re seeing right now is the use of Blockchain technology, which essentially is a way to better protect and isolate data from potential hackers. We’re also seeing the use of biometrics becoming increasingly popular, particularly in consumer technology. As a means of identity validation, biometrics may be another great advancement in thwarting fraudsters.

GGA as a Global Player
As a global company, we’re constantly keeping our finger on the pulse of the market to adapt and evolve with it. We’re in a unique position to help people and companies all over the world. It’s an advantage that we take seriously and will use to truly be a part of the growing challenge to provide identity and digital protection globally – which we know we can’t do alone. The identity protection space itself is still rapidly evolving and perhaps will always continue to do so. Intrinsically tied to technology, there may be no end in sight – the identity theft problem, instead, will just expand, or morph, or develop, into different issues that are unknown to us today. For this reason, we are always looking ahead.

Today, we’re taking the lessons learned in the U.S. – where the issues have been fast-tracked and the market now a bit more mature – and applying those lessons globally. The U.S. identity protection market has, in a way, been reactive to the identity theft issues that have transpired over the last two decades. GGA has launched identity protection services in Canada and is in the process of launching across Europe and in India; these are unique products that meet each specific market’s identity protection needs, and, first and foremost, they’re proactively addressing the rising issues present in each country.

In the U.S., we’ve seen the identity protection industry go through many phases and stages, with different protection components getting different levels of attention throughout the 2000s. With data breaches now a mainstay in societies across the world – and so much information being made available to fraudsters – it’s only a matter of time until that manifests into larger issues for vast numbers of people. We predict this will ultimately put resolution services into the industry spotlight and when it does, resolution services will become necessary to participate in the global identity market as a true player. It is at that point that other companies will then follow suit, but we have been there all along providing caring, compassionate assistance – the foundation upon which our services are built.

Today, we’re exploring the future of identity from a global perspective while maintaining local considerations and keeping white-glove service and the “We care” mentality close to heart. We hope others follow us in that – sooner rather than later.