Identity fraud could lead to loss of revenue, causes operational problems to e-tailers and damages the firm's reputation. Most research in this domain focuses on the security technologies or system users’ security compliance related issues. In this research, we direct attention to understanding the content and breadth of identity fraud prevention policies. We conducted thirty-three semi-structured interviews with employees and management of three large UK based e-tailers. It was found that while e-tailers have policies and other related arrangements that address information security and data theft prevention, they often lack policies on identity fraud prevention. Additionally, we found that the design of security policy awareness strategies, approaches to updating security policies, and enforcement of security compliance/audits, do not help prevent identity fraud. Based on this analysis, we developed the Identity Fraud Prevention Framework (IFPF) to help e-tailers develop and implement better identity fraud prevention practices.

身份欺诈可能导致收入损失，给电子零售商带来运营问题并损害公司声誉。该领域的大多数研究都集中在安全技术或系统用户的安全合规性相关问题上。在这项研究中，我们将注意力集中在了解身份欺诈预防政策的内容和广度上。我们对英国三大电子零售商的员工和管理层进行了 33 次半结构化访谈。调查发现，虽然电子零售商有解决信息安全和数据盗窃预防的政策和其他相关安排，但他们往往缺乏预防身份欺诈的政策。此外，我们发现安全策略意识策略的设计、更新安全策略的方法以及安全合规性/审计的执行，无助于防止身份欺诈。基于此分析，我们开发了身份欺诈预防框架 (IFPF)，以帮助电子零售商开发和实施更好的身份欺诈预防实践。