Meauring Identity Theft in Canada: 2006 Consumer Survey

Working PaperAuthorsPublish Date
21 Susan Sproule
Norm Archer
Jan. 2008

This is a report on a national survey of consumer identity theft and fraud in Canada, undertaken in late 2006 by McMaster University’s DeGroote School of Business. The survey was conducted through an Internet panel, and included 3550 responses, limited to English speakers. Respondents were at least 18 years old and had at least one credit card and bank account. The main findings from the survey included:

  1. No particular patterns were detected in what is perceived by the general public to be cases of identity theft as compared to identity fraud. Consumers appear to think about identity theft (IDT) and identity fraud (IDF) as a combination that has come to mean approximately the same thing.
  2. Since our survey was oriented to the respondent’s immediate family, it was not always possible to determine if incidents of identity fraud were perpetrated against the individual. This resulted in ranges rather than point estimates of incident rates. However, our range of 4.0% to 9.1% of credit card, non-credit card, and new accounts or other fraud tended to bracket the point estimates from similar U.S. studies. We also reviewed reported differences between telephone surveys and Internet surveys (the latter are reported to give incidence rates approximately 50% higher than the former) but there is no conclusive evidence on which is the more accurate.
  3. We concluded that there are over one million victims of IDF each year and the amount that perpetrators gain from IDF victims in Canada is over $3 billion. Dealing with identity frauds costs Canadian victims $164 million of their own money and they collectively spend over 18 million hours a year to resolve these problems.
  4. In 42% of the cases, the method by which the information was accessed is known. In another 15% the victim may not know for certain, but has a suspicion, of how the information was obtained. . For frauds involving new accounts and existing (non credit card) accounts, the information was most frequently reported to be taken from the home. Where credit card fraud was reported, the information was most frequently taken during an in-person business transaction or from a stolen wallet or purse.
  5. More than half of the cases were detected within a month of the theft. However, there are a substantial group of victims (12.7%) who are not sure when the theft occurred. There is a significant relationship between the interval to detection and the average fraud amount.
  6. In 35% of the reported cases, the victim knew something about the perpetrator of the theft or fraud. When something was known about the identity of the perpetrator, the most frequent response was that the perpetrator was a relative, accounting for 9% of all cases.
  7. The most common type of fraud experienced was purchases made on an existing credit card account (48.7% of the cases), followed by money taken from an existing bank account (24% of the cases) and cases where there had been no frauds discovered to date (12% of the cases). The remaining frauds each were experienced in less than 10% of the total fraud cases.
  8. Some form of document breeding is known to have occurred 3.5% of the cases. Driver’s licenses are the most common breeder document acquired or counterfeited.
  9. The median amount gained by the perpetrator (fraud amount) was $595. Victims spent a median of 8 hours and $4 to resolve the problems.
  10. 3.4% of the respondents were not at all concerned; 22.9% were slightly concerned; 37.8% were somewhat concerned; 24.3% were very concerned, and; 11.7% were extremely concerned about identity theft. Among those victimized, the lowest level of concern was in the group who had experienced credit card fraud, but highest for those who had experienced new account or other frauds.
  11. A question about “phishing” indicated a worrisome 3.4% who said they had responded to e-mail requests for account information.
  12. The four measures that respondents were most willing to take towards minimizing the impact of IDF, in decreasing rank order, were:
    • Refuse to give personal information over the phone to people that claim to do surveys, or people offering products or services at special prices.
    • Use computer anti-virus, anti-spyware and firewall software updated on a regular basis
    • Shred financial or important documents before discarding them
    • Monitor account balances and activity online on a regular basis
  13. A preliminary analysis of attitude toward preventative measures identified 8 segments of approximately equal size. Measures that contributed most to segment identification were:
    • Provide biometric data such as fingerprints, voice samples, or retina scans that would be used to verify your identity in association with government-issued identification documents such as passports, or driver’s licenses.
    • Provide biometric data such as fingerprints, voice samples, or retina scans that would be used by your bank to authenticate your identity when using a ‘smart’ debit or credit card or when banking online.
    • Reduce the amount of banking that you do online.
    • Reduce the amount of shopping that you do online.
DeGroote on Facebook DeGroote on Twitter WMA LinkedIn