About Breach Clarity

Helping identity-holders understand what a data breach means to their risk, so they can take action to protect themselves from identity theft and other harms.

Who created Breach Clarity?

My name is Jim Van Dyke, CEO of Futurion, and I’ve spent the last three years creating Breach Clarity in order to more effectively protect consumers following any data breach. Breach Clarity is essentially a complex and dynamic algorithm that matches exposed identity credentials to particular identity crimes, sitting behind a simple UI, and running on the industry’s best database of all reported data breaches that is maintained by the The Identity Theft Resource Center (ITRC). The ITRC is a strategic partner in Futurion’s launch of Breach Clarity, also providing free support for consumer breach and fraud victims and important publicity surrounding Breach Clarity’s launch (because we share the same mission of protecting consumers). I’m a passionate researcher experienced in digital finance (“fintech”), including the study of how exposure of compromised personal data can lead to all sorts of identity-based personal harms. The idea for creating Breach Clarity came to me while working as a legal expert witness on large US data breaches, out of a desire to pass on a high-level version of my knowledge for the betterment of everyone. I formerly volunteered as a board member on the Consumer Financial Protection Bureau (CFPB, a Federal watchdog agency focused on banks) and am now on the board of the ITRC. If you follow this space, you’ve almost certainly read statistics about data breaches from the ITRC, or research about identity theft and fraud from my former company, Javelin Strategy & Research.

How does Breach Clarity work?

Data breaches expose particular forms of private data (for instance, a nine-digit Social Security number or the secret code printed on a payment card) that unlock permission to conduct certain transactions. Running on the foundation of an all-new ITRC database of breach data maintained by the ITRC, Breach Clarity’s algorithms access publicly-available information about the kinds of personal data that any data breach likely exposed to create an estimated prediction what kinds of criminal actions the breach victim is now most at risk of. The algorithms also estimate the personal action steps that are likely to be most effective against the top predicted harms, along with an overall rating of the potential severity of the breach, similar to the Richter Scale or the Saffir-Simpson hurricane wind scale. The understanding of what identity credentials are most powerful in any particular type of identity crime comes from both years of prior research and ongoing interviews with experts in fraud mitigation, digital commerce, law enforcement, and more. Unlike risk-assessment methods applied to previous natural disasters that occurred in the past, Breach Clarity focuses on how a past breach makes future identity harms more likely, and when that is considered along with the ever-changing nature of criminal activity, Breach Clarity’s evolving algorithms might cause scores or other outputs to change over time. BreachClarity algorithms are just math formulas, representing an attempt to synchronize a consensus of the industry’s best independent experts into a simple user interface (UI) that can be used by a critical and often overused link in the battle against criminals: the consumer.  The initial version of Breach Clarity is hopefully also just a starting point, which can get better as algorithms, features, and partnerships evolve.

For a description of the risks and actions currently in Breach Clarity, click on the Resources menu tab. If you’re interested in partnering to make Breach Clarity even better, please contact me. 

Will Breach Clarity be expanded in the future? 

I hope so, but right now I’m a one-person shop (with an appreciative nod to vital support and input given by the nation’s preeminent ID crime victim advocacy non-profit, the ITRC) and options are limited while I’m still a self-funded solo operation.  Yet many possible ways of expanding Breach Clarity’s capabilities are being considered.  I’m current at work on detailed product-expansion roadmaps for a future premium version, that would be licensed to financial institutions and large employers for use only by their logged-in customers, members, or employees.  I’ve created a successful working prototype that significantly expands how many potential fraud risks and recommended actions steps are shown (it currently displays just two of 11 possible fraud risks and three of 20 possible consumer action steps in the system), along with integrated risk and action-step recommendation results for multiple breaches, for instance. Because trusted consumer providers such as banks, credit unions, payment companies, investment brokers, and others may see their fraud-associated costs drop when Breach Clarity is used in partnership with their customers, these added outputs may only be offered through financial institutions or even employers who offer it on a logged-in basis. On the long list of future features to be considering, the ability to also integrate or modify capabilities such as financial transaction alerts or transaction dollar limits are certainly interesting. The increased amount of dark web data that’s becoming on an individual basis is also of high interest, along with the ability to conduct big-data studies of how private information from one particular breach is suddenly becoming used to commit fraud (and as a result, to notify others about emerging risks before they become victims as well). The next step is to process the post-launch reaction from my trusted and respected peers who also work on the front-lines of fraud prevention and digital financial technology (“fintech”). I personally provided the seed funding for Breach Clarity, and am now communicating with several potential strategic investors who are interested in helping it grow to revolutionize how data can be used to stem the personal and business losses created by today’s onslaught of costly data breaches. 

How does Breach Clarity make money? 

With a very appreciative nod for resources provided by the ITRC, Breach Clarity has so far cost a great deal of personal time and expense, and yet I believe it has tremendous growth potential. Now that the free version of this future likely freemium offering is launched, we’ll eventually see if there is money to be made through ads on this web site as well as a greatly expanded version that identity-holders can access only by logging in to a financial services or employer secure web site. If you’re interested in becoming a future advertiser, affiliate marketing partner, or licensor of a future Breach Clarity Premium to cut fraud losses, strengthen loyalty, and help with overall digital strategy efforts, please reach out. If you share a passion for creating goodness for people, let’s talk.