My identity crisis

Unfortunately I was out the morning my bank rang. A woman’s voice asked me to call back, but the number was engaged all afternoon. I didn’t worry. Her voice had sounded so casual and relaxed I knew it couldn’t be urgent. She had rattled off her phone number with such joyful speed I was able to take down only one digit each of the seven times I played her message back.

When I phoned the next day a man answered. The woman who had been attempting to contact me, he said, worked part-time and I wouldn’t be able to reach her until the following week. “What did you want to speak to her about?” he asked. This was a more difficult question than it sounded. “I don’t know,” I replied. There was a pause. “Then I’m not sure I can help you,” he volunteered. We were in a cul-de-sac. So I took a deep breath and explained – which led us to a familiar obstacle course. Who was my mother, when was I born, what was my password, my code, my number, the first and last lines of my address? “Would you please hold on,” I was asked when all this had been completed. I was left listening to some music.

The music was interrupted by another man’s voice. “This is Fraud,” he announced. For a moment I thought he had said Fred. “Have you been in touch with the bank recently?”

“I tried yesterday,” I said apologetically, “but without luck.”

“I meant did you speak to us in the last three or four days?”

“Not so far as I can recall. Three or four days – that’s quite a long time.”

“You haven’t ordered a new bank card?”

“No. Mine is working fine, thank you.”

“Not any more it isn’t. We cancelled it yesterday after we posted your new one. Did you lose your card?”

“No. I have it here in front of me.”

“Then I advise you to cut it up into small pieces.”

Apparently someone using my name had phoned the bank, said he had lost his/my bank card and ordered another. He gave my mother’s name, the date of my birth and verified my address where he asked the card to be posted to. The bank sent it, but I had not received it – and never did. Apparently there were four similar cases in the neighbourhood. This pointed to someone working for Royal Mail as the culprit, I was told, and the Fraud Department at the bank was making elaborate plans to catch her – or him. It was going to post me another card in an obvious and inviting bank envelope. So if I received nothing that was good news because … At this point I interrupted.

It did not seem good news to me. If I scissored my useless bank card and did not receive another, how was I to get money from the local branch of my bank or pay some of my bills? Fred from the Fraud Squad (as I came to think of him) admitted that this might be troublesome. But it wouldn’t last for ever, he reassured me. In three or four months, perhaps, normal service would be resumed. Until then I must not use any telephone or online banking. And I would have to take my passport, driving licence and other proofs of who I am to the bank before I cashed a cheque. The first time I did this, the woman at the till was obliged to go through a complicated conversation with the Fraud Department herself while a long line of customers gathered impatiently behind me. I think she quite enjoyed this conversation – anyway, she was polite enough to say it had added to her work experience and interrupted the monotony of her routine business. But for the rest of us on the other side of the counter it was a bad half-hour and some of them, hearing the word “fraud”, looked at me with deep suspicion.

Things, I decided, could not go on like this. So I phoned Fred – and he suggested that I get on to the Royal Mail Fraud Office. I did this – but was eventually told that my bank did not use Royal Mail. So I phoned Fred again. He was surprised by this news, but said that the Fraud Department had no contact with the Post Department of the bank. In which case, I replied, how did he know that someone in the Post Department of his bank was not responsible for my mail being taken. “I very much hope that’s not the case,” he said. “And I very much hope that the case can be sorted out quickly,” I replied.

Since most of my security answers could be easily found in reference books and on the internet, we decided that all this must be changed. My mother now has a different name; I have acquired a younger brother and chosen a favourite television programme that I loved as a child (when there was no television). In short, I have a virtual life. The one thing I asked for – a new birthday – has for some reason (and with much laughter) been denied. I would have liked to claw back 20 years or been given an impressive new seniority. My main worry with my new identity is that I will forget who I am.

I have another bank card now, but it comes with a warning attached. I must treat it with great delicacy, like a child. It has severely limited abilities. But sometime in the future – no one is sure when – it will grow up and gain its full potential. Then, if I can hang on long enough, I will have come through my personal recession.

Michael Holroyd’s latest book, ‘A Book of Secrets: Illegitimate Daughters, Absent Fathers’, is published by Chatto & Windus

.......................................................................

If it happens to you

Identity theft is big business. In 2009, YouGov research estimated that £2.6bn was stolen online from UK bank customers. In just the first six months of that year, £39m was taken in online banking fraud, according to Financial Fraud Action UK, and another £23.9m through credit card ID theft – an annual increase of 23 per cent. As many as one in eight account holders were affected, the YouGov survey claimed – with an average of £463 being spent fraudulently in their names.

And, for perpetrators with access to post, it need not be a messy business. Sophisticated ID thieves are likely to spend more time scouring libraries than landfill. A quick perusal of Who’s Who put me in possession of Michael’s date of birth, birthplace and mother’s maiden name. A flick through his childhood memoir, Basil Street Blues, even disclosed the answer to a favourite online banking security question: the name of your first family pet (it was even easier to find this via Amazon.com). A further web search revealed several other possible passwords: his favourite book, piece of music, author and more.

Michael, and everyone else, can protect themselves by sticking to these simple rules: use a different “strong” password (a mix of numbers and upper and lower case letters) for each account, shred or burn bank details before binning them, don’t buy online via public wi-fi or internet connections, use only secure https web pages for transactions, sign up for additional online security checks, such as MasterCard SecureCode or Verified by Visa – and never base security answers on your mother’s maiden name, date or place of birth or other published personal information (whether in books or on Facebook).

Don’t get too clever, though. I used to use my mother’s middle name as an unguessable security question – because she doesn’t have one. Then I switched from telephone to online banking … and the website refused to accept a blank box as an answer.

Matthew Vincent, FT personal finance editor