In this age of growing electronic communications, businesses are simultaneously protecting your identity and putting it at risk. Be aware that the current state of the law means that the risk is being passed to you whenever you do business online, and possibly even if you don’t do your business online, given that many businesses are passing around your information with or without your explicit consent.

The most common form of identity protection in on-line business is the necessity of creating an account with an electronic business in order to do business with it. Such a typical account requires you to give your name, your phone number, your email address, a credit-card number, and your address. This is a possible recipe for disaster, should this information fall into the wrong hands.

This is typically guarded by requiring you to also designate a username and password. Anyone lacking this information cannot log into the site and begin running up your credit card. Furthermore, most sites won’t let someone who logs in read more than a few numbers of a credit card designated for the account (enough to remind you which card you put on it, not enough to use it). (Unfortunately, the address, phone number, etc, may be enough to allow for someone to apply for a credit card in your name, as credit card companies have become increasingly sloppy about vetting applications.) Digital signatures may be used to try to prevent any third-party interception of communications between your browser and the e-business site as well.

It is wisest to only use computers you can be sure have not been tampered with to do your e-business and to protect your passwords well, in order to obtain the full benefit of this system.

Some businesses have added further layers of security, especially to combat the problem of phishing–people being tricked into revealing usernames and passwords to fake websites after being sent emails with links to fake versions of the official company website. Bank of America, for example, gives every customer what is called a ’sitekey’. This is a combination of an identifying phrase and a visual image, which is displayed after you login with your ‘online ID’ (username). If it is valid (ie, it’s the one you picked when you signed up), you then enter your ‘passcode’ (password). Otherwise, you know you’ve been tricked into a fake site, and you can exit the site without having your password stolen. This is definitely superior to the normal login system as it allows the user to verify the website as well as vice-versa.