SAN FRANCISCO–It’s become common practice: a company or financial institution announces a data breach, and as part of the announcement also states it will offer free identity theft services for everyone affected.
But not “all identify theft protection services are created equal,” according to Javelin Strategy & Research.
Noting that pressure from consumers, media, and governments has contributed to make the offer of complimentary identity protection services all but inevitable following any major breach, while “hailed as a positive step it does bring many challenges,” the company said.
As part of its just-released 2015 Identity Protection Services: Business-to-Business Market” study, which provides an understanding of the current business-to-business identity protection subscription market, Javelin said it has identified a number of related problems.
“Between April 2013 and March 2014, 40 million consumers held at least one identity protection subscription through business-to-business channels, with the bulk being “free” services provided after a data breach,” Javelin said. “And while these solutions can be an effective hedge against consumer identity fraud, not all identity protection services are created equal.”
“The biggest problem with the mass issuance of identity protection services is the mismatch of risk and coverage,” said Al Pascual, director of Fraud & Security with Javelin. “For example, we have seen countless breach victims being offered solutions that rely heavily on credit monitoring, even though it may not have been appropriate or effective based on the type of data compromised.”
The Javelin report includes two consumer surveys of a total of 8,000 consumers and market sizing of the business-business identity protection services market, as well as profiles of nine vendors.