The Dark Ages: “Sorry we do not accept credit or debit card payments here!” The Interplay between Identity Theft and Card Fraud IDENTITY THEFT 1. Identity theft is the deliberate and unlawful use of the personal information of another person to commit a criminal offence including theft or fraud. Jamaica’s National Cyber Security Strategy (“the Strategy”) declares that “identity theft is the most profitable form of cybercrime.” 1 This declaration was partly based on the United Nations Office of Drugs and Crime estimate that identity theft generates approximately US$1 billion per year in revenue on a global basis. 2 PERSONAL OR IDENTITY INFORMATION 2. Locally, personal information is described as identity information. Identity information may include, inter alia, names, addresses, email addresses, signatures, electronic signatures, credit card numbers, debit card numbers or any other unique personal identification number (PIN) or password used, alone or together, to identify a person. 3 The person may be dead or alive. HIGH COMMODITY ITEM 3. Today, businesses routinely harvest and store, electronically, sensitive identity information of their customers. The advantage to businesses is evident: they have large amounts of exploitable identity information readily accessible to them. However, this identity information is also a potential treasure trove for unscrupulous persons. It is, therefore, unsurprising that identity information has become, to borrow the language of the Strategy, a high commodity item to cybercriminals. 4 CARD FRAUD 4. One manifestation of the exploitation of identity information by cybercriminals is credit/debit card fraud. Traditionally, fraudsters mainly perpetrated this crime by skimming the card and cloning it. The process involved the use of a device to read and copy the information contained on the magnetic strip affixed to the back of the card. The skimming device is usually affixed to a Point of Sale Machine, Automated Banking Machine or supplied to the wait staff at a Restaurant or Pump Attendant at the Gas Station. The information is then 1 National Cyber Security Strategy, accessed at mstem.gov.jm/sites/default/files/Jamaica%20National%20Cyber%20Security%20Strategy.pdf 2 ibid 3 Section 10 (3) of the Law Reform (Fraudulent Transactions) (Special Provisions) Act, 2013, accessed at moj.gov.jm/sites/default/files/laws/The%20Law%20Reform%20Fraudualent%20Transactions%29%28Special%20P rovisions%29%20Act%20%282013%29.pdf 4 National Cyber Crime Strategy, ibid
1|Page