1. The impact of on-line id theft on fraud is not clear

Some see on-line identity theft as the biggest source of id theft.

"Online banking transaction fraud is growing rapidly due to the huge amount of identity theft that has occurred in the last couple of years," Peter Relan, chief strategist at Entrust, told the E-Commerce Times.

Wrong, says another industry executive quoted by E-Commerce Times:

According to numerous industry studies -- for example Javelin Strategy & Research's Identity Fraud Survey Report -- ID fraud has declined over the past four years, and only 8 percent of identity fraud has resulted from online information breaches, said Scott Mackelprang, vice-president of security and compliance at Digital Insight.

Regardless of how much online theft has now, we need to plan for the future and we certainly can't ignore the problem because it has less impact today than other sources of id theft. Both sources are risks and must be addressed.

2. In spite of 1, consumers are losing confidence in online financial transactions.

According to Kerry Loftus of Verisign, a Gartner report

links fraud losses and phishing threats directly to an erosion of consumer confidence in financial institutions and online transactions in general

3. Strong authentication is required under FFIEC guidelines

Scott Mackelprang of Digital Insight notes:

"The guidelines for how this increased authentication was to be implemented were not method-specific, so there isn't a 'standard' method, but 'strong' or multifactor authentication (MFA), in some form or another, is now the norm,"

4. More privacy regulations and oversight is probably in our future.

Senator Jim Webb of Virginia is concerned about outsourcing which leaves personal information in countries with less comprehensive privacy protections than the U.S.

I'm not sure you need legislation, but you'll definitely see oversight from me on the issues of security and privacy

Now Webb knows how the European Union felt about ten years ago.