Keeping your identity safe in a world of clouds

tied to an estimated 54 million people, about 98 percent of whom live in the United States, and searching it is free. “It shows you who the bad guys are looking for: the rich Americans,” said Scott Mitic, TrustedID’s chief.

Sidestepping malware. Other products focus on outmaneuvering malicious programs that infiltrate PCs. Such malware has mushroomed recently, and antivirus companies have struggled to catch every new attack. SafeCentral, a product from the security software company Authentium, protects users even if there’s malware on the computer. It includes a stripped-down and secure browser to use when banking, trading stocks, viewing health information or shopping online.

Computer programming interfaces known as A.P.I.’s, which game makers can use to turn keyboards into controllers, for example, are turned off because “keylogger” programs use them to capture information. SafeCentral also turns screenshots of Web pages blank to defeat these programs. Also off are A.P.I.’s that programmers use for browser plug-ins. This stops malicious plug-ins that monitor encrypted Web sessions — the ones where the URL changes from “http” to “https” — in case credit card numbers are transmitted.

Give out nothing. The chief executive of Florida-based Kemesa, Steve Bachenheimer, says that “Thieves can’t steal what isn’t there.” He is referring to the third information protection alternative – perhaps the best one – which emphasizes the need to avoid sharing information online in the first place. Kemesa has created a shopping-safety product called Shop Shield that starts with a familiar browser-based tool for managing passwords and auto-filling Web forms — which helps defend against keyloggers (which can record every keystroke made on a keyboard). In addition, Shop Shield users can give online merchants anonymous personal data, like single-use credit card numbers and specialized e-mail addresses (see “Kemesa: Solving the Identity Theft Problem,” 10 August 2009 HSNW).

Of course, since Kemesa holds your personal information, hackers may make the company’s database their target. Kemesa says it has created an impregnable “digital fortress.” The product (which uses an add-on for the Internet Explorer and Firefox browsers and a Web site), puts an encrypted token on the computer, which makes it extremely difficult for a remote attacker to gain access to personal records. This also means the user must authorize each computer to run the program.

In addition, Richmond notes, at Kemesa, customer information is not just encrypted, it is broken up into tiny pieces that are then stored in different databases on different networks, making reassembly by an attacker grueling. The company also monitors for intrusions, regularly tests its defenses, keeps its physical location in lockdown, and otherwise sticks to Defense Department security standards.

PC World’s Erik Larkin writes that you can tie Kemesa’s Shop Shield creates virtual card numbers and virtual profiles. You can tie Shop Shield to any credit card or checking account. It creates not only a virtual credit card number but also a faux e-mail address, name, and other contact information for use with the number. You can create such profiles either at the company’s site or through a Firefox add-on (installed as part of your signing up at the site; an add-on for IE is in the works). Once installed, the add-on recognizes shopping sites and autofill forms.