Knowledge Sharing Processes for Identity Theft Prevention within Online Retail Organisations

The occurrence of identity theft has increased dramatically in recent times, becoming one of the fastest-growing crimes in the world. Major challenges associated with identity theft related offences include problems of consumers with credit, such as: aggravation by debt collectors; rejection of loans; disturbance in normal lives such as reputation damage; and the psychological disruption of providing personal data to organisations and banks during the investigation. For these reasons, and with the ready access of identity thieves to the retail industry, this problem is acute in the online retail industry, yet there has been insufficient research undertaken in this domain. This research investigated knowledge sharing processes for identity theft prevention within online retail organisations. An analysis of how individual staff and teams share their knowledge for identity theft prevention in organisations is presented, which includes the investigation of existing barriers in knowledge sharing for identity theft prevention in organisations. A qualitative case study research approach, using the guiding framework proposed by Salleh (2010), was adopted and extended to improve knowledge sharing processes for identity theft prevention in online retail organisations. Three case studies were conducted with leading online retailers in the UK. Data collection included one-to- one semi-structured interviews, internal documents from the researched companies and external documents from various secondary sources. The researcher used the thematic analysis approach using the NVivo software tool and a manual coding process. The total number of interviews was 34 across 3 case studies, with each interview lasting between 45 and 75 minutes. The participants were selected according to their experience, knowledge and involvement in solving identity theft issues and knowledge sharing. Investigation of internal documents included email conversations, policy documents and internal conversations such as emails and memos from the researched companies. This study found that knowledge of identity theft prevention is not being shared within online retail organisations. Individual staff members are learning from their experiences, which is time-consuming. Existing knowledge sharing barriers within the organisations were identified, and improvements in knowledge sharing processes in the online retail industry of the UK using the extended framework are proposed. This research contributes to existing research by providing new insights into knowledge sharing for identity theft prevention. It extends an existing framework proposed by Salleh (2010) in the new context of knowledge sharing processes for ID theft prevention in the retail industry by simplifying the model and combining elements into a more coherent framework. The present study also contributes by investigating the online retail sector for knowledge sharing for ID theft prevention. The empirical research identifies the barriers to knowledge sharing for ID theft prevention and the weaknesses of knowledge sharing in online retail organisations relevant to ID theft prevention. Finally, this study provides managers with useful guidelines for developing appropriate knowledge sharing processes for ID theft prevention in their organisation, and to educate staff in effective knowledge sharing

An investigation into agile learning processes and knowledge sharing practices to prevent identity theft in the online retail organisations

Lack of individual awareness of knowledge sharing practices to prevent identity theft is a significant issue for online retail organisations (OROs). Agile learning processes and sharing of knowledge is essential, but the lack of relevant training inhibits these processes within the online industry. This study identifies the inhibiting factors in the agile learning and knowledge sharing process with recommendations for best practice for organisations and staff to effectively share knowledge on identity theft prevention. Three qualitative case studies were undertaken in OROs in the United Kingdom. Data was collected using semi-structured interviews, internal documents and related external material. The data were analysed using a thematic analysis method. The findings identified that individual staff members within OROs from the information security and fraud prevention departments often share their knowledge as a community. However, there is no formal knowledge sharing process or any related training facilitating this exchange. There is a need for agile learning environment in OROs of the United Kingdom. The study offers both theoretical and practical contributions to the extant literature of agile learning of knowledge sharing to prevent identity theft in OROs. Existing learning opportunities are not being used to enhance the knowledge of individuals, and OROs need to increase the skills and trust of their staff to share knowledge efficiently. This study identifies the systemic weaknesses inherent in the process of knowledge sharing and existing training provision within OROs. It provides ORO managers with practical guidelines in facilitating trust between individuals and developing appropriate training systems to educate staff on sharing organisational knowledge. This study contributes by extending the knowledge sharing framework proposed by Chong et al. (2011), for enhanced individual knowledge sharing processes to prevent identity theft within OROs. It also identifies OROs weaknesses in knowledge sharing learning processes for theft prevention and offers prevention guidelines and recommendations for developing effective agile learning environments

Preventing identity theft:identifying major barriers to knowledge-sharing in online retail organisations

Purpose: Knowledge-sharing (KS) for preventing identity theft has become a major challenge for organisations. The purpose of this paper is to fill a gap in the literature by investigating barriers to effective KS in preventing identity theft in online retail organisations. Design/methodology/approach: A framework was proposed based on a reconceptualisation and extension of the KS enablers framework (Chong et al., 2011). A qualitative case study research method was used for the data collection. In total, 34 semi-structured interviews were conducted in three online retail organisations in the UK. Findings: The findings suggest that the major barriers to effective KS for preventing identify theft in online retail organisations are: lack of leadership support; lack of employee willingness to share knowledge; lack of employee awareness of KS; inadequate learning opportunities; lack of trust in colleagues; insufficient information-sourcing opportunities and information and communications technology infrastructure; a weak KS culture; lack of feedback on performance; and lack of job rotation. Practical implications: The research provides solutions for removing existing barriers to KS in preventing identity theft. This is important to reduce the number of cases of identity theft in the UK. Originality/value: This research extends knowledge of KS in a new context: preventing identity theft in online retail organisations. The proposed framework extends the KS enablers framework by identifying major barriers to KS in the context of preventing identity theft

Investigating Identity Fraud Management Practices in E-tail sector:A Systematic Review

Purpose: Identity fraud is a growing issue for online retail organisations. The literature on this issue is scattered, and none of the studies presents a holistic view of identity fraud management practices in the online retail context. Therefore, the purpose of this paper is to investigate the identity fraud management practices and present a comprehensive set of practices for e-tail sector. Design/methodology/approach: A systematic literature review approach was adopted, and the articles were selected through pre-set inclusion criteria. The authors synthesised existing literature to investigate identity fraud management in e-tail sector. Findings: The research finds that literature on practices for identity fraud management is scattered. The findings also reveal that firms assume identity fraud issues as a technological challenge, which is one of the major reasons for a gap in effective management of identity frauds. This research suggests e-tailers to deal this issue as a management challenge and counter strategies should be developed in technological, human and organisational aspects. Research limitations/implications: This study is limited to the published sources of data. Studies, based on empirical data, will be helpful to support the argument of this study; additionally, future studies are recommended to include a wide number of databases. Practical implications: This research will help e-tail organisations to understand the whole of identity fraud management and help them develop and implement a comprehensive set of practices at each stage, for effective management identity frauds. Originality/value: This research makes unique contributions by synthesising existing literature at each stage of fraud management and encompasses social, organisational and technological aspects. It will also help academicians understanding a holistic view of available research and opens new lines for future research.</p

Credit bureaus between risk-management, creditworthiness assessment and prudential supervision

"This text may be downloaded for personal research purposes only. Any additional reproduction for other purposes, whether in hard copy or electronically, requires the consent of the author. If cited or quoted, reference should be made to the full name of the author, the title, the working paper or other series, the year, and the publisher."This paper discusses the role and operations of consumer Credit Bureaus in the European Union in the context of the economic theories, policies and law within which they work. Across Europe there is no common practice of sharing the credit data of consumers which can be used for several purposes. Mostly, they are used by the lending industry as a practice of creditworthiness assessment or as a risk-management tool to underwrite borrowing decisions or price risk. However, the type, breath, and depth of information differ greatly from country to country. In some Member States, consumer data are part of a broader information centralisation system for the prudential supervision of banks and the financial system as a whole. Despite EU rules on credit to consumers for the creation of the internal market, the underlying consumer data infrastructure remains fragmented at national level, failing to achieve univocal, common, or defined policy objectives under a harmonised legal framework. Likewise, the establishment of the Banking Union and the prudential supervision of the Euro area demand standardisation and convergence of the data used to measure debt levels, arrears, and delinquencies. The many functions and usages of credit data suggest that the policy goals to be achieved should inform the legal and institutional framework of Credit Bureaus, as well as the design and use of the databases. This is also because fundamental rights and consumer protection concerns arise from the sharing of credit data and their expanding use

Nonbanks and risk in retail payments

This paper documents the importance of nonbanks in retail payments in the United States and in 15 European countries and analyzes the implications of the importance and multiple roles played by nonbanks on retail payment risks. This paper also reviews the main regulatory safeguards in place, and concludes that there may be a need to reconsider some of them in view of the growing role of nonbanks and of the global reach of risks in the electronic era.

The prevention of internal identity theft-related crimes: a case study research of the UK online retail companies.

Ranked the third biggest cyber security threats of 2013 by Forbes, Internal Identity Theft-Related Crimes (IIDTRC) leave countless victims in their wake, including online retail companies and consumers. With the rapid growth in the use of credit and debit cards in e-commerce, the online retail has been a key target for the IIDTRC perpetrators. IIDTRC involve the misuse of information systems (IS) by the dishonest employees to steal victims’ personal identifiable data. The crimes pose significant socio-economic impact and data security risks. In the context of online retail, relatively little research has been done to prevent IIDTRC. A few studies focus on situational-based IIDTRC prevention approach built on an independent use of software security. Others develop IIDTRC prevention frameworks in the context of generic e-businesses. The majority of the frameworks have little or no grounded empirical research. This research entitled the ‘The Prevention of Internal Identity Theft-Related Crimes: A Case Study Research of the UK Online Retail Companies’, attempts to bridge this research gap. It provides answers to two questions – what is the nature of IIDTRC in online retail companies and what framework can be used for IIDTRC prevention. This research set out three aims to answer the two questions. First, it provides understanding of causes, methods of carrying out and prevention of IIDTRC. Second, it extends a role-based framework (RBF) for the prevention of IIDTRC. Third, it evaluates the extent the RBF can be applied in the prevention of IIDTRC in online retail companies. A qualitative case study was used to achieve these aims. The empirical data were collected in the northwest of UK from 2011 to 2013. The field study was carried through archival analysis, semi-structured interview and participant observation. Organisational role theory (ORT) was used to guide the concept of a role-based framework (RBF) – a collaborative approach where the key components of management work in unison is required to prevent IIDTRC. The attributes of RBF were synthesised from the recommended IIDTRC prevention practices. The empirical evidence suggests that IIDTRC perpetrators in online retail companies are likely to be the top management and call centre employees. The findings suggest that online retail consumers’ credits/debits cards details are as much vulnerable to IIDTRC as the companies’ identities such as trade secrets and trademarks. Furthermore, the common methods used by the IIDTRC perpetrators include collaboration, collusion, infiltration and social engineering. Some of the IIDTRC prevention practices, of which the majority is software security, are implemented without considering the contribution of human-centred security based on management roles. In examining the contribution of the management roles in implementing Information Systems security practices, major challenges that are faced by online retail companies were identified. They include lack of resources, lack of management support and lack of IIDTRC prevention awareness training. This research concludes that an application of RBF can reduce the impact of the identified challenges. This was suggested by applying RBF in conducting IS security auditing in three online retail companies. The finding from the selected companies suggests that the RBF approach can maximise management performance in providing effective IIDTRC prevention practices. It provides better returns on cost, quality and time in the IS security auditing. It has an impact on management attitudes on preventing IIDTRC by clarifying and aligning their roles in implementing effective IS security auditing. There is heterogeneity of this effect across the companies suggesting that some are utilising the RBF approach while others are not. The finding confirms the plausibility of the RBF attributes. It suggests that the human-centred security play an integral role for effective internal data security in preventing IIDTRC. It suggests that it pays to use the collaborative management roles approach for implementing IIDTRC prevention practices. Furthermore, the use of the RBF approach can improve the effectiveness of the online retail companies in preventing IIDTRC. The findings suggest that benefits may accrue from the RBF approach when supplemented with a collaborative IS auditing. The benefits depend on the level of management IT skills, their perception of their roles, top management support and the organisational operations. This research contributes to the literature in identity theft prevention in online retail. To IS security practitioners, it identifies the data security challenges and IIDTRC prevention practices. To theory, it extends a role-based framework for IIDTRC prevention. To the emerging research in the digital economy, it puts forward as a robust starting point for further related works in cyber security, cybercrimes prevention and criminology

Electronic security - risk mitigation in financial transactions : public policy issues

This paper builds on a previous series of papers (see Claessens, Glaessner, and Klingebiel, 2001, 2002) that identified electronic security as a key component to the delivery of electronic finance benefits. This paper and its technical annexes (available separately at http://www1.worldbank.org/finance/) identify and discuss seven key pillars necessary to fostering a secure electronic environment. Hence, it is intended for those formulating broad policies in the area of electronic security and those working with financial services providers (for example, executives and management). The detailed annexes of this paper are especially relevant for chief information and security officers responsible for establishing layered security. First, this paper provides definitions of electronic finance and electronic security and explains why these issues deserve attention. Next, it presents a picture of the burgeoning global electronic security industry. Then it develops a risk-management framework for understanding the risks and tradeoffs inherent in the electronic security infrastructure. It also provides examples of tradeoffs that may arise with respect to technological innovation, privacy, quality of service, and security in designing an electronic security policy framework. Finally, it outlines issues in seven interrelated areas that often need attention in building an adequate electronic security infrastructure. These are: 1) The legal framework and enforcement. 2) Electronic security of payment systems. 3) Supervision and prevention challenges. 4) The role of private insurance as an essential monitoring mechanism. 5) Certification, standards, and the role of the public and private sectors. 6) Improving the accuracy of information on electronic security incidents and creating better arrangements for sharing this information. 7) Improving overall education on these issues as a key to enhancing prevention.Knowledge Economy,Labor Policies,International Terrorism&Counterterrorism,Payment Systems&Infrastructure,Banks&Banking Reform,Education for the Knowledge Economy,Knowledge Economy,Banks&Banking Reform,International Terrorism&Counterterrorism,Governance Indicators

Credit Cards: Weapons for Domestic Violence

The objectives of this study were to describe the intra-specific variation in herbicide response of weed populations when subjected to new vs. well-established herbicides, and to assess distributions of logLD(50)- and logGR(50)-estimates as a potential indicator for early resistance detection. Seeds of two grass weeds (Alopecurus myosuroides, Apera spica-venti) were collected in southern Sweden, mainly in 2002. In line with the objectives of the study, the collections sites were not chosen for noted herbicide failures nor for detected herbicide resistance, but solely for the presence of the target species. For each species, seedlings were subjected to two herbicides in dose-response experiments in a greenhouse. One herbicide per species was recently introduced and the other had been on the market for control of the species for a decade, with several reports of resistance in the literature. Fresh weight of plants and a visual vigour score were used to estimate GR(50) and LD50, respectively. Resistance to fenoxaprop-P-ethyl in A. myosuroides was indicated by the LD50-estimates to be present in frequencies sufficient to affect the population-level response in 9 of 29 samples, and was correlated to response to flupyrsulfuron, while low susceptibility to isoproturon in A. spica-venti populations was not linked to the response to sulfosulfuron. In the study as a whole, the magnitude of the estimated herbicide susceptibility ranges differed irrespective of previous exposure. No consistent differences were found in the distribution of LD50-estimates for new and "old" herbicides, and normality in the distribution of estimates could not be assumed for a non-exposed sample, even in the absence of an indication of cross-resistance.Original Publication:Liv A Espeby, Hakan Fogelfors and Per Milberg, Susceptibility variation to new and established herbicides: Examples of inter-population sensitivity of grass weeds, 2011, CROP PROTECTION, (30), 4, 429-435.http://dx.doi.org/10.1016/j.cropro.2010.12.022Copyright: Elsevier Science B.V., Amsterdam.http://www.elsevier.com