Keep identity theft at bay with Consent Identity Verification (CIV)

When was the last time that you or anyone you know walked through the front doors of a business to inquire about an open position for a job? And for the sake of this argument, your 16-year-old niece looking for her first job at a frozen yogurt shop does not count. Chances are, if you ask a person how they are looking for jobs in 2019, they will likely tell you that online resources play a huge role in the process.

The majority of working professionals today, in some shape or form, are leveraging the internet in their search for employment opportunities. This is likely due to the relative ease and efficiency of filling out an application online. In fact, a 2015 survey conducted by the Pew Research Center found that 45% of participants use the internet to apply for jobs in their job search.

There’s no doubt that online tools have imbued society with increased visibility of the jobs available in the world. However, with the heightened convenience of online applications also comes a new threat: digital identity fraud. And as an employer, the onus is on you to provide a safe and secure method for candidates to apply for open positions at your company. So, what is employment identity theft, and how can you ensure that you are doing everything in your power as a business to safeguard consumer information?

Employment identity theft and digital job applications  

The ever-looming threat of identity theft is not anything new—for decades, hackers and other predatory criminals have been devising schemes in order to collect and use people’s private information in nefarious ways. From basic identification information to login credentials and credit card numbers, the sleuthy individuals have, in some way or another, eluded complete security regulation of their actions.

And now, as aforementioned, there has been a notable hike in the number of employment identity theft as a direct result of the number of people applying for jobs online. Although it is not addressed as frequently as your traditional identity theft, employment identity theft can hold just as many, if not more, ramifications for employers and employees alike.

The most common avenue of employment identity theft for a criminal is through the use of someone’s personal information such as a social security number. If someone has gained access to any of your sensitive personal data, they can then use that information on a job application without you knowing. This type of fraud is often very difficult to detect because it often doesn’t have an immediate effect on the victim. However, when the issue does arise, it intertwines your name with criminal activity, potentially barring you from applying for credit, benefits, disability, or even other jobs.

The lowly crime of employment identity theft has not gone unnoticed, fortunately. There have been a few practices put forth to combat the fraudulent use of information on job applications.

Dynamic knowledge-based authentication: the key to safeguarding information

What is your favorite color? Where is your ideal vacation destination? If you have ever made a login and password for a website or enrolled in online banking, you have likely encountered this common security measure called knowledge-based authentication.

KBA essentially allows you to input an answer to a question that could be later posed to someone attempting to access your personal accounts or information. The idea is that these answers are familiar to you but unique enough that an unauthorized user would not be able to pass the checkpoint. That’s the theory, and unfortunately there have been some issues with this security measure.

Take, for example, the hacking of then-Vice President nominee Sarah Palin’s email account. According to the hacker’s testimony, all he had to do was request to reset the password for the account and answer Palin’s security question, to which he found the answer with a simple Google Search. Combine that with the low rate at which people actually remember the answers to the questions provided, and you can see why KBA isn’t the most reliable security measure.

As such, some companies have been employing the use of Dynamic Knowledge-Based Authentication as an added layer of security. DKBA uses encrypted data to generate fact-based questions that are hard for hackers to access. These are typically questions such as a previous address, a vehicle you have owned or leased, or a phone number they have been associated with. DKBA is great to use for verification on employment applications as it is information that is not easily accessible by criminals.

Consent Identity Verification: TazWork’s solution to fraudulent identity threats

While there is no stone-solid method to completely safeguard applicants from identity theft, TazWorks Consent Identity Verification is the closest employment application security measurement available today. CIV is low cost and low impact to ensure consumer data security, meet compliance measurements, and increase overall efficiency of the application process.

This is the way CIV by TazWorks works: Before an applicant submits their application via TazWork’s QuickApp, consumers are provided four multiple choice questions generated from their personal information. They have four minutes to submit three questions correctly. If they are unsuccessful, they have the option to retry. After four unsuccessful attempts, the consumer will be locked out for seven calendar days.

TazWork’s CIV plugin is simple, efficient, and a faster authentication method and helps further confirm identity. It provides additional due diligence for both employer and applicant with no additional forms to fill out and no hassle.

The process of job hunting is rapidly becoming synonymous with the internet. As more and more people turn to searching for and applying for jobs online, there is an increasing risk for employment identity fraud. Contact TazWorks today to see how our Consent Identity Verification solution can help you provide the most simple and secure method of verifying your applicant’s identity.