Identity Theft Protection

Identity Theft Protection: a reader asks…

I’ve subscribed to TrustedID which is sold through AARP. It seems quite comprehensive, and also provides access to your credit score from all three providers at any time. I’m no longer tempted to subscribe to the (expensive) individual credit card or bank id protection services. What do you think of TrustedID?

My short answer is that 1) I don’t think their services are worth the cost, and 2) no automated service will give you much more than the appearance of protection. The reasoning behind these two opinions are:

1. Their terms and conditions have clauses which appear to, for the most part, absolve them of responsibility for doing anything for you other than telling you there’s a problem. And there’s no liability if they don’t even do that. Also, there’s no coverage in case of a breach that results in any loss, these are NOT insurance policies. And lastly, I see a history of unsatisfied clients with even just a casual perusal of online sources, not just for TrustedID, but for a number of competitors vying for your dollars.
2. These companies are capitalizing on the fear of identity theft by consumers, and providing a very limited set of products and services. Ostensibly to protect you, but automated solutions don’t provide anywhere near the level of protection you would get with a pair of eyeballs connected to a brain. Despite the advertising copy, algorithms and data crunching are not yet ready for prime-time, when it comes to your money, credit rating, and financial information.

As identity theft has grown exponentially, we’ve watched the rise of companies offering various forms of protection against identity theft. While there are dozens of services available, I think the most popular among these are:

• Lifelock
• TrustedID
• IdentityGuard
• IdentityForce

Identity theft protection services can include account monitoring, supposed insurance against loss, freezing your credit (aka, fraud alert) so others can’t use it, and assistance with rebuilding your identity after a theft. The fine print is pretty thick for each and every one of these, and the actual protection you get from these is much less comprehensive than you think, and certainly less than you could do yourself. If you wanted to get the same level of protection you can do yourself (but without…doing it yourself), you’d have to pay someone an awful lot of money, as it can take more than a bit of time. But there are shortcuts that can help you cover yourself that can save you a lot of time and effort.

First thing you can do is purchase a credit monitoring package from one of the three main credit bureaus: Equifax, Experian, or TransUnion. This way you get near-instant warning any time your credit file is altered. Plus, you can put an automatically renewing ‘fraud alert’ on your account – this prevents anyone from making credit inquiries. You just have to remember to turn it off anytime you apply for a loan or other credit, and turn it back on once that process is done. This goes a long way to ensuring that no one can use your identity to get credit cards or loans.

The second thing you can do is monitor your financial accounts. Online banking is as safe as your financial institutions can make it, so the biggest risk is you, yourself. Securing an online account with a hackable password is the quickest way to losing control over your financial situation. Passwords should be long and not guess-able, hence also not remember-able. If you haven’t got a password manager in place to help you, now’s the time (read this article for more information). At the least you should look at your paper bank statements every month and make sure there are no transactions you don’t recognize.

If you have a smartphone, most credit card issuers have an app for you that can alert you every time the credit card is used – often faster than the financial institution can. So you can know if your credit card has been used fraudulently and call the issuer to report it. Same for banks, their apps can alert you every time there’s a financial transaction by notificastion, text message or email. Turn these alerts on so you get notified any time your credit or money is touched. That way you’ll know if someone other than yourself is ‘touching’ your account(s).

The third thing you can do is to make a copy of the front and back of every card and document in your wallet or purse, and keep that someplace you can get to in an emergency. If you lose your wallet, you then can quickly make the calls to protect your identity. If you’re on vacation when this happens, the copy should be somewhere you are (in your luggage, in the hotel safe, or securely obtainable online from a public computer). Don’t wait till you get home to take action.

Do these three things and you’ll have done more than you’ll get from any of those automated protection services. Those automated services have tons of disclaimers and legal language that can be the opposite of whatever marketing materials (or people!) say they’ll do. Paying for one of these can lull you into a sense of security that simply doesn’t exist. Don’t believe the marketing hype. The unfortunate fact is that identity thieves are constantly improving their craft and finding new and imaginative ways to get around just about anything you or your financial institution can put to block them. So your own vigilance is key to the only real protection you’re going to get. That vigilance starts in the physical world, and extends into the virtual world.

While I can’t actually call these automated services a scam, they are certainly an opportunistic bunch of companies. And their primary reason for being is to make money by convincing people to pay them for what I consider to be nearly nothing. Case in point, TrusdedID’s contract includes this clause:

“YOU UNDERSTAND AND AGREE THAT THE PRODUCTS SHALL NOT INCLUDE THE PLACING OF FRAUD ALERTS WITH ANY CONSUMER REPORTING AGENCIES.”

This wording is interesting because on their website, they say that they provide fraud alerts as a part of the membership.  But clearly, TrustedID will not place fraud alerts for you. So I guess the so-called fraud alert is just within their own company. Other clauses I’ll quote include:

“You agree that, except as expressly and unambiguously set forth in the Benefits section below, TrustedID will not make payments to You or otherwise be liable or responsible for any loss, damage or liability You may incur in any way related to a Stolen Identity Event (or otherwise), including, without limitation, any monetary, financial or other economic loss, theft or damage of any kind.”

So there’s nothing financially they’ll do for you if you suffer a loss. I’m finding it hard to find any value whatsoever in this company or its services. And finally:

THE PRODUCT IS PROVIDED ‘AS IS ‘ AND WITHOUT WARRANTY OF ANY KIND…. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS AGREEMENT. TRUSTEDID AND ITS REPRESENTATIVES, SUPPLIERS AND LICENSORS MAKE NO WARRANTIES THAT ANY OF THE PRODUCTS PROVIDED UNDER THIS AGREEMENT WILL BE PROVIDED THROUGH ANY OR ALL OF THE CONSUMER REPORTING AGENCIES.

TrustedID’s website says that they have a warranty system built into their services, but the contract explicitly states that there is no warranty.

At this point I’m wondering what AARP was thinking in recommending this company’s services.

---

This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via (send to @PosiTek), (send to Support@PosiTek.net), using any credit card (no Paypal account required), using Zelle, Apple Pay or Google Pay, or by mailing a check or cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thank you!

Go to Top of Page