mouse
Go to Homepage


Subscribe to free weekly newsletter

Mouse Print*
is a service of
Consumer World

Support us by using:

Deal Alerter
Visit our sister site:

Consumer Reporters & Advocates in Media


Updated every Monday!   Subscribe to free weekly newsletter.

December 17, 2007

ID Vault: Million Dollar Protection Policy?

Filed under: Computers,Finance,Internet,Retail — Edgar (aka MrConsumer) @ 6:30 am

With so many phishing attacks and incidents of ID theft occurring, many consumers are leery of entering into any financial transactions online.

Where there is fear, however, there is also a business opportunity to allay those concerns. Enter ID Vault. It looks like a thumbdrive that you plug into an available USB port on your computer. It stores your usernames and encyrpted passwords, and automatically transmits them securely when you log into a financial or retail website. It can also determine if you are visiting a real site, or a scammer’s copy. Bottomline: it protects you.

They are so sure of their technology that they offer a “$1,000,000 Guarantee” that promises to cover your losses if your login credentials are stolen and used fraudulently. Quoting from their press release:

Consumers can now bank, shop and invest online with total confidence, knowing that even if their personal information were stolen while using ID Vault, GuardID will reimburse them for any losses up to $1 million.

“We are so confident that ID Vault 2008 will protect consumers from online identity theft and fraud, that we put our money where our mouth is, and will refund any losses consumers incur, up to one million dollars, when using ID Vault,” said Jerry Thompson, CEO of Guard ID Systems.

And on their website, here is the big print of their $1,000,000 Guarantee:

ID Vault guarantee

Of course the devil is in the details.

*MOUSE PRINT:  The company may have led you to believe you will have more coverage than they actually will provide (depending on the circumstances). They will only cover you up to $100,000 per account, not $1,000,000 as you might have expected.

“Should we determine that the account was exclusively accessed online using ID Vault prior to the theft of your account credentials, we will reimburse any direct loss, up to $100,000 per individual account and up to a maximum of $1,000,000 over the lifetime of your ID Vault subscription and subsequent renewals.”

In a sense, that is like buying a million dollar fire insurance policy, but only being able to collect $100,000 per fire. Granted, if you are lucky enough to have a millon dollars, and spread it out over 10 different accounts, then you would indeed be qualified to be reimbursed for $1,000,000.

The restrictions in the policy also require you to be 100% faithful to ID Vault as the means of logging into your accounts. You cannot access them on your work computer, or anywhere else, unless there is an ID Vault attached. (And they will compare your financial institution’s records of your accesses with the list of accesses tucked inside your ID Vault. If they don’t match exactly, you lose the coverage.) 

So, what may seem like a simple $1,000,000 guarantee promoted in advertising, is in fact full of strings and loopholes, as any other insurance policy would be.

• • •

13 Comments

  1. Yeah, I saw there adds and figured there was some fine print they weren’t talking about. Lo
    and behold.

    Comment by Jimbo — December 17, 2007 @ 12:37 pm
  2. The Federal Government only insures deposits in FDIC approved institutions for $100,000 per account. This is likely why they chose this amount, but then they should clearly advertise thhe true amount.I agree with the fire insurance analogy.

    Comment by Tom S — December 17, 2007 @ 3:59 pm
  3. I suspect it also means it only covers accounts opened after you start using IDVault. Haven’t most people accessed them already? But it says accessed exclusively, which means I can’t have accessed them in the past, either….

    Comment by AnnMarie — December 17, 2007 @ 9:36 pm
  4. Thanks for finding this! I heard that ad and I just knew they were full of it. But Tom’s comment makes me wonder, do they offer no insurance at all and simply use that federal government insurance? Everything is a scam.

    You can do their service yourself for under $5!

    1) ($5) Buy the cheapest possible thumb drive u can find.
    2) (free) When you make your accounts give them really long passwords like 4qq073ym2108fdoifngadfdja and save it to a .txt file on your USB drive. Everytime you need your password, open your USB key, copy and paste. It’s not automatic, but it’s just as secure as their method nobody will ever guess it. Oh, if you’re afraid someone will steal your thumb drive, use an openoffice format and put a password on it
    3) (free) Install and Use Firefox for their phishing protection. Install the NoScript extension for extra security, even while it’s turned off it helps. There are lots of other firefox security extensions to try, you’ll find one that fits you.
    If you think copying and pasting is too much work, you could try using Firefox’s master password in Tools, Options, Security. Which is a good solution for your computer where you want to save passwords you entered, but lock it up once the browser is closed.
    4) (free) Educate yourself. Be wary of people asking you for passwords, money, card numbers, ANY personal information even last name, or telling you to do something you don’t understand. Why does this website need to know my last name? Fill in bogus info for sites that require you to register. Think before you click.

    keep fighting the good fight mouseprint

    Comment by sam lidester — December 18, 2007 @ 12:34 am
  5. So if you didn’t use their account once, but your account was cracked through their system, you still get nothing? Sounds like a lawsuit waiting to happen…

    Comment by RS — December 18, 2007 @ 1:16 am
  6. The biggest mouse print is that they will probably put the burden of proof on you to show that you ALWAYS used their technology. That pretty much means that they will never pay out any money, as nobody can proove they ALWAYS used ID Vault, and ID Vault will simply say: “Well, if you had always used our product, your info would not have been stolen.”

    Comment by Jasper — December 18, 2007 @ 8:17 am
  7. Great list Lidester, but you forgot to mention you can install Portable Apps (portableapps.com) and install protable firefox, on your thumbdrive. This way you never even use the browser for anthing but checking your finanical records. Portable Apps also includes a program that can password protect the entire thumbdrive.

    All for a lot less than ID Vault

    Comment by Chris S — December 18, 2007 @ 1:34 pm
  8. “we will reimburse you for any and all amounts stolen from you”

    Identity thieves don’t steal money from people. They steal money from businesses, banks, etc. You don’t lose money, per se, when your identity is stolen. The money is lost from the businesses who did not adequately identify the theif before giving him money/products in your name. If your identity is compromised, it is a huge hassle, but nobody steals money from you.

    “And they will compare your financial institution’s records of your accesses with the list of accesses tucked inside your ID Vault. If they don’t match exactly, you lose the coverage.”

    What happens when the financial institution doesn’t hand over the data? They might not even keep it for as long as the account is open.

    It seems to me that this company has no intention of giving out any money, ever. It’s like one of those “sign up for four offers and get $20″ scams.

    Comment by Bob — December 19, 2007 @ 6:35 pm
  9. Look–just do the following for your passwords…works for me and I’ve never had any problems…

    Just have a folder you save on your desktop or your my docs folder that is where you keep your passwords and usernames. Create a text file with notepad for each website, including all information, such as a full URL for logging in (copy/paste it), the username, the password, and any email or additional information you had to give in order to use it.

    Have at least 3 email accounts…I use for my good personal stuff my comcast email account, for total junk I use my hotmail account, and for semi-good/semi-junk I use my Gmail account.

    You don’t need to encrypt or password your text files for each username/password simply because I use what I consider a fool proof way of ‘encrypting’ my own usernames and passwords.

    What I do is, I use certain phrases in all my usernames and all my passwords. What I will do, is use a string of numbers or characters, and when I do this, I type in the first letter or number, but put X’s in all the other spots. This indicates where my strings of numbers or letters are that I always use. You MUST always be consistent, and obviously, use strings of numbers and letters that you will remember.

    Over time, you probably already use a consistent set of strings of letter and numbers in your usernames and passwords already. Especially if you work at a large company where you have to change your password to log onto the domain often.

    For example, in all your usernames, you could use 2 or 3 strings of words. All your passwords could use the strings APPLE … XEMMA … DOLTING.

    If you did this, then all your usernames (you probably can’t always have the same usernames for all websites/whatever due to different restrictions and possibly some are going to be already used by someone else).

    Lets say for http://www.whatever.com, I use a username of Dolting1947. Lets say there are 2 strings in that name that I use all the time everywhere if possible. The password for this website is Fortitude315CX. Well, just so happens I use the 3 strings, ‘Fortitude’ ‘315’ and ‘CX’ exactly that way (case sensitive) in ANY/ALL passwords I use. For this website, the URL used is https://www.whatever.com/login?p=343. Email that you used to sign up is one of your accounts, DoltingCX@gmail.com (this is extreme, as you don’t really need to encrypt your email, but it’s just an example).

    My Text file would look like this:
    ———————————–

    Whatever.com

    Login URL:

    https://www.whatever.com/login?p=343

    username: Dxxxxxx1xxx
    p/w: Fxxxxxxx3xxCx

    email used: DxxxxxxCx@gmail.com
    ———————————————————-

    You just creat this small text file for each and every website for everything you have. I think I have something like 60 of them…about 20 of them are financial sites, that I use to do on-demand online bill paying.

    I just consistently ‘code’ all my usernames and passwords. I have challenged a few friends to try and figure out any of my usernames or passwords…..they can’t…it’s impossible. And they are all easy to remember because I use all the same ‘strings’ all throughout all of my usernames and passwords.

    Like I said, I save a copy of this folder on each of my desktops, and also on a flash drive I normally keep in my pocket.

    No need for this stupid IDvault thing like the government uses. Just because the Pentagon uses this, this in itself is reason enough to stay away from it!

    Hope this method I use can be of use to somebody out there.

    Comment by Dave — March 11, 2008 @ 3:14 am
  10. I forgot in the last post that maybe everyone didn’t understand fully unless I give a second example so you can analyze the difference between 2 different logins for 2 different websites using my method.

    A 2nd example:

    For a credit card company, HSYC, I have a login so I can pay the bill online. I created a username called: CX3151947 and a password: 315CX1947.

    Using the same strings as in the above example, here’s the example:

    ————————————————————
    HSYC Visa Card

    Website for logging in:

    https://www.hsyc.com/?lsjfsld.-p.login

    username: Cx3xx1xxx
    password: 3xxCx1xxx

    ———————————————————————-

    Reason why this method works so well, is that when you see a ‘1’ followed by 3 x’s, you know this ALWAYS means 1947…that’s a string you use consistently, and you NEVER PUT ANYTHING ON PAPER (OR IN A TEXT FILE) OTHER THAN ‘1xxx’ …that’s why this method works so well. No where is it written anywhere, on anything, PERIOD! That 1xxx would mean 1947…so nobody will ever ever know, except you in your head.

    Hope this helps.

    Comment by Dave — March 11, 2008 @ 3:24 am
  11. Loads of problems using this program. I entered the provided security ID Vault Serial number after having problems using my password. The program locked me out. Tech support still hasn’t responded to my inquiry on this problem

    Comment by PURCHASER WOES — April 4, 2008 @ 7:48 am
  12. I use the ID Vault and it said if I wanted to back it up I would need a 2nd so dummy me went out and bought one because I dropped my laptop and bent the usb on the ID Vault a little, anyway now I get this pop up that says Special Offer my current subscription expires on March 8, 2009 and to pay $19.95 their lowest price to protect my online identity until March 8, 2010 additional year guaranteed protection.

    My question is will I still be able to use my ID Vaults? after it expires I don’t need that extra online protection. I’m already paying $12.00 a month for ID fraud protection. I didn’t know what I was getting into until I stumbled across the popup and found this website. Any ideas?

    newbie
    Angel
    CA

    Comment by D'Angelo — April 7, 2008 @ 11:33 pm
  13. I installed the ID Vault on my home PC, which is a 1.8Ghz Dell. No problem with the installation or loading the data in ID Vault, though it’s cumbersome. HOWEVER, system performance deteriorated rapidly and when I opened TaskManager, ID Vault was sucking up tons of processor time. I shut down the IDV process and performance went up dramatically. Needless to say, I just uninstalled ID Vault, a huge waste of time. Now, if someone can only tell me how to crack the IDVAULT and use it as an encrypted thumbdrive, at least my money won’t be wasted. By the way, the Best Buy website had it for $14.99, had to show them at the store. ID vault website had a $10 rebate, so net cost is $4.99!. It’s a cheap thumb drive, I hope, help me if you can? Thanks!

    Comment by Roger — April 23, 2008 @ 7:38 pm

Comments RSS

Sorry, the comment form is closed at this time.

Powered by: WordPressPrivacy Policy
Copyright © 2006-2014. All rights reserved. Advertisements are copyrighted by their respective owners.