Identity fraud is a serious problem for individuals but it is really business that should be concerned. Businesses pay the price for fraudulent transactions done in a customer's name. Therefore they need to keep customers' personal information secure and confidential while preserving the flexibility necessary to run a profitable operation. Fortunately, the solutions are at hand.

Technology has progressed and become cheap enough to subvert potential disasters with a few feasible changes. For example, removing the magnetic strip on credit cards and manipulating existing scanning machines can virtually eliminate credit card account takeovers, the most common form of identity theft.

For a modest expense, merchants and vendors can program these card scanners to truncate, abbreviate, or block out the customer's credit card number. In this way, the thief is foiled in his or her attempt to lift the account numbers off the credit card receipt or directly from the "mag stripe" itself with the use of a skimming device. Smart card technology with its increasingly more cost effective card readers-now prevalent in Europe-can also encrypt account numbers at the point of sale.

In addition to increasing the security of credit card numbers, removing social security numbers from medical identification cards, drivers' licenses, student Ids, and medical bills will reduce instances of identity theft. Database architecture and technology has progressed to the point where other unique identifiers not tied to someone's personal information can assist businesses in tracking a person's information without breaching the customer's security and confidentiality.

With the use of relational database software tools that are now becoming commonly available, other alphanumeric identifiers can be used as viable alternatives to social security numbers in order to authenticate customers. These adjustments to enhance customers' privacy will in no way jeopardize business. If nothing else, they will enhance it. Time and again, individuals have indicated they will more easily provide personal information to a company they feel confidant will keep their records secure.

Businesses should market their privacy and security solutions right along with their products and services. Customers respond positively to businesses that provide them with good service and satisfaction by giving those companies more business. Protecting confidentiality and security of information is just another aspect of providing enhanced customer satisfaction.

There is no reason to delay these changes, which might even help to ward off new laws and regulations that raise the cost of doing business. All that may be required is to educate management on the costs of adopting these new technologies and the benefits to be realized.

It's better to use legislative capital to help law enforcement find and prosecute the perpetrators. This approach provides deterrence, because law enforcement agencies can focus on punishing offenders. It also enhances prevention because businesses will utilize the technologies available to prevent identity theft in the first place. Common sense also plays a role.

Businesses should not print customers' full credit-card numbers on receipts. By law and under the terms of most cardholder agreements, the customer is generally not liable for any losses incurred for fraudulent transactions done in their name. In all events, their liability is capped at $50, so it's the merchant or the customer's bank that bears the loss.

As for individuals, if they do not want to risk spending 18 months cleaning up a messy identity theft crisis, they should consider the benefits of a paper shredder and a locked mailbox. A little self-help never hurts in crime prevention.

Marc Loewenthal is President of eConduit LLC, a risk management services company that provides risk assessment tools and solutions to financial institutions. He is the former Chief Privacy Officer for Providian Financial Corporation.