A Full Credit Lockdown
(2009-07-13) by David John Marotta
In my first job teaching computer science, someone stole my wallet off my desk during my office hours. Although I canceled all my credit cards, the thief used them around town, buying everything from clothes to tobacco. In those days cards were run manually on paper, and there was usually no instant electronic verification.
Identity theft is becoming distressingly common as personal information becomes easier to swipe. Internet sites all ask the same security verification questions. One site could easily collect your information and then try using it on others. For example, a student filled out a credit card application outside a university football game with the promised bonus of a free T-shirt. The perpetrators used all his information on a real credit card application but changed the mailing address. By the time the student realized his identity had been stolen, creditors were hounding him for hundreds of dollars of charges.
Having your identity stolen costs an average of $40 and 10 hours defending your name and cleaning up the mess. It happens to about 0.8% of the U.S. population each year. Even if your time is worth $100 an hour, the average loss to you is only about $8 annually. So clearly it’s not the monetary cost that bothers people. What’s really worrisome is the potential vulnerability and personal violation they feel. Fortunately, there is a simple and easy way to acquire a full credit lockdown so no one can initiate changes to your credit without your permission.
Your credit information is stored at three main credit bureaus: Experian, Trans Union and Equifax. At the end of 2003, Congress passed legislation that requires these bureaus to allow you to put a fraud alert on their credit reports. The alert only lasts 90 days, but during that time lenders have to verify your identity before they can issue a credit card in your name.
Since then, several companies have used this law to offer a renewal of the fraud alert every 90 days on your behalf. LifeLock is the best known among these services. The company went so far as publishing its CEO’s Social Security number and daring people to try and steal his identity.
LifeLock’s one-stop service initiates a fraud alert with all three bureaus and renews and monitors your credit status for $10 a month. As a result, you receive less junk mail and sleep better at night. They will pay up to $1 million in losses due to stolen credit.
This service angered the credit bureaus. They make most of their money by selling credit information about you to lenders. If the lenders actually have to verify the information, it becomes too expensive for them to act on. The data for LifeLock customers wasn’t worth the cost required to verify it, damaging the bottom line for the credit bureaus.
In retaliation, the credit bureaus accused LifeLock of deceptive marketing practices. Experian sued in California court claiming that the 2003 law only permits individuals to put an alert on their credit. They claimed that LifeLock posed as individuals and put alerts on an account even when no suspicion of identity theft existed, costing Experian millions of dollars to process the requests.
In a decision last month, a California judge found LifeLock’s practice illegal. Only family members, guardians or an attorney can make the request on behalf of an individual. Fraud alerts ought to be standard and permanent for everyone.
The decision is surprising, and the case seems disingenuous for the credit bureaus. They have turned free credit report legislation into a multimillion-dollar industry through their own deception and fear mongering.
Although LifeLock’s service was convenient, you can still duplicate their services by placing a credit security freeze on your own credit record. A credit freeze does everything a fraud alert does and more. First, it is permanent, not just for 90 days. Second, it prevents lenders from seeing your credit report unless you specifically grant them access. This strategy prevents identity thieves from getting new credit in your name even if they have every bit of your personal information.
If you do apply for additional credit, you will have to remove the freeze temporarily or give the specific party who wants to access your information your personal identification number (PIN).
If you plan on applying for additional credit cards or getting a new cell phone provider or cable package, a credit freeze may not be advisable. And those promotions linked to new credit card applications will no longer flood your mailbox. But these deals are never a way to build real wealth. Get the few credit cards you need, and don’t let any promotional offers suck you in.
For Virginia residents to initiate a security freeze, each credit bureau charges a onetime $10 fee. If you have already been the victim of identity theft, the charge is waived. However, some states do not permit credit agencies to charge its customers for placing a security freeze. We recommend a credit freeze for anyone who has already established the credit they need. A freeze both reduces the frenzied marketing of additional credit opportunities and the potential harm of compromised personal information.
After a few minutes of effort and $30 in payments, your credit should be locked for life. Here is how to accomplish securing your credit at each bureau:
At Experian (888-397-3742), go to https://experian.com/consumer/security_freeze.html.
At Trans Union (888-909-8872), go to https://annualcreditreport.transunion.com/fa/securityFreeze/landing to start the process.
At Equifax (1-888-766-0008), you can put a lock on your credit by visiting .
The process is not standardized across the three credit bureaus. Each uses a different methodology. But with a little effort, your credit will be safe and secure.
Each bureau will give you a PIN. They are likely to be all different. Don’t lose these. Trying to get a security freeze lifted when you have forgotten the PIN necessary to change your credit security is a catch-22 you don’t want to experience.