Interview of the editorial office of Executive Magazine with Joanna Charlińska, Sales Director at Biuro Informacji Kredytowej [Credit Information Bureau]

Nowadays, personal data sharing is commonplace. The provision of information such as name, surname, date of birth, place of residence, and sometimes even the ID card number and Personal ID Number (PESEL) [] is often necessary to make use of a multitude services that we find important. Meanwhile, that data is something precious – if it comes to the hands of criminals, they can use it to file a fraudulent credit or loan application or sign another contract using our data. Not only can companies be the victims of unfair practices but also all of us, our loved ones.

Are we really this much vulnerable?

Internet crime is not a new phenomenon. Undoubtedly, however, as the coronavirus pandemic has been growing in power, the number of any forms of online violations has increased as well. After all, most of us use the Internet, including those for whom being online had been something unknown thus far. The security of our data is, therefore, an even greater challenge. We need to stay particularly vigilant when it comes to the theft of our data. Although it must be admitted that numerous day-to-day activities can potentially give rise to the possibility of obtaining our personal data and using it to commit loan fraud. These include, for instance, online shopping, sorting out official matters, looking for a job or being on holiday.

Identity data can be obtained in an obvious way, including but not limited to as a result of the theft or loss of an ID card, throwing away of documents or courier shipments into the bin, or as a result of a hack into our computers.

Not only can valuable personal data be found on our documents such as passport, ID card or driving license but also in the databases of various institutions like hospitals, clinics, fitness clubs. While we can take care of the security of our documents ourselves, we do not always have influence on the security of our data stored in other sources. It is from the media that we learn about “data leaks”, in panic we make sure whether our data has leaked or not and we nervously look for ways to reduce the risk of making use of our data.

This is true, yet a leak doesn’t mean data theft by default.

A leak is a serious violation of data security. Although the leak is not a fraud yet, then observations of this type of crime prove, however, that they are committed mainly to enjoy financial benefits. It is strongly likely that the stolen data will be used in the future. Criminals use it for fraud, aided by cunning social engineering gimmicks. Even if data, such as ID card number or PESEL has not leaked, the disclosure of a phone number or e-mail itself might be enough to open a path for the criminal to contact the victim and use social engineering techniques to learn their other data. These include, among others, spoofing – a method by phone or e-mail that involves impersonating actual organisations (including banks), phishing – for example, by using a text message or a phone call. Such methods are based on human naivety or inattention that transfer the victim to a false yet deceptively similar website of our gym, favourite restaurant or courier service. Spam attacks – advertising links sent around and clicked by ourselves in a haste. All these forms of contact may make use of the leaked data.

This makes us aware that we do not really know neither how nor when our data might come to wrong hands. Are Poles aware of this, do they know what to do?

At BIK, we constantly monitor consumer behavior. It shows that 91% of adult Poles find personal data security important. We carry out nationwide opinion polls on a regular basis to verify the knowledge of our society about the risks associated with data loss. And, unfortunately, the results of these polls are worrying. According to the opinion poll from April this year, entitled “Cybersecurity of Poles”, every tenth respondent would not take any action in the event of a data leak, whereas in the event of committing a credit or loan fraud, they completely would not know what to do next. Only 35% of Poles are aware of the importance of cancelling identity documents, and only 9% would decide to purchase a fraud-alerting service.

It is interesting. If I get you right, on the one hand, we are not indifferent to the security of our data, and on the other hand, we are passive. Is it ignorance or negligence?

There are probably several reasons for this – as you rightly pointed out – passivity. As for fraund, it often happens that the saying “A Pole is wise after the loss” is unfortunately true. Therefore, both in our educational activities and in communication to individual customers, we have been placing great emphasis on the essence of the so-called prevention.

Fraud-related crimes have the specificity that thieves act quickly and mechanically. Once they have managed to file the first fraudulent credit or a loan application using stolen data, they immediately try to incur new liabilities. The faster our reaction is, the greater the chance to put this dangerous chain of events to an end.

Therefore, we are even raising an appeal to act before a loss happens. It is a bit like insuring your home against fire or theft, or taking out a policy before we go skiing. Likewise, we can protect ourselves against the risk of fraud as a result of identity theft. Perhaps no unpleasant event will ever happen, but the correct sequence of actions is a key. Then we can sleep more soundly.

Let us give our Readers a broader outline of how we can help each other? Is it possible to counteract fraud-related crimes?

I have good news – we do not need to feel vulnerable, instead, we can be one step ahead of the thief. All it takes is to use the available tools and services to protect against fraudulent activities.

Like I mentioned before, the easiest way to protect ourselves is to act preventively. What can be such a form of prevention is the very creation of an account at www.bik.pl – by doing so, we can act quickly and launch a number of security services. It is worthwhile to remember, however, that the best method is to open an account at BIK before anything happens. For example, those who have an account at bik.pl, can benefit from the free online service involving immediate cancellation of ID cards.

As at today, over a million Poles actively use the online services of BIK. These are most often people who like to have control over their finances – they reach for an interactive report with detailed credit history and for a Credit Analyser – to assess the odds for taking out a credit of their desire. The BIK Report (Raport BIK) may be downloaded after registering an account at bik.pl and confirming the user’s identity. The report contains all credit liabilities, both towards banks and loan companies, that have been reported to BIK for a given PESEL number. A clear, graphic representation of the status of individual loans allows the user to quickly determine whether any payments are overdue, or whether a loan they are not familiar with has been (fraudulently) assigned to their PESEL number.

More and more often, BIK customers reach for active protection against frauds and activate BIK Alerts (Alerty BIK). Once we have activated this service, the Alerts watch over us. It is a very convenient solution, especially in the age when people are constantly busy and take a vast range of activities online.

BIK Alerts are text messages or e-mails to be delivered upon someone’s attempt to take out a loan or a credit using our data. Such a message will be helpful to save users from suffering financial losses. It renders quick reaction possible, which is crucial in the event of attempted fraud. The BIK Alert contains the date and name of the institution where the fraudulent application has been filed. The text message we send also contains the BIK hotline number. What will be certainly valuable in the face of this stressful situation, where fraud has actually taken place, is the help of an adviser who guides us in clarifying the matter and provides us with the necessary documents, e.g., a template of a notification about a crime.

Do the alerts concern only the unique knowledge gathered by BIK, namely, they will notify us in the event of an attempt to take out a loan or credit?

The Alerts have a much wider reach. They will also notify us when someone signs a contract on our behalf, e.g., with a telecommunications company for the purchase of an expensive subscription phone. It is owed to the monitoring of inquiries for data from the BIG InfoMonitor Debtors Register. In a nutshell, our service provides the widest range of safeguard measures in the Polish market. Alerty BIK as the service sends warnings from two databases of the BIK Group: from a credit bureau – BIK, and from the BIG InfoMonitor Debtors Register – the popular BIG. The entire banking sector, the largest loan companies and key service providers – telecommunications, leasing and factoring companies cooperate with the BIK Group, and verification of the data of potential borrowers at BIK is embedded in the procedures of financial institutions. BIK itself cooperates with nearly 750 institutions – with all commercial and cooperative banks, credit and saving unions and the largest loan companies in the market.

Do the Alerts protect only individuals or is it an offer for companies as well?

You have raised a very important issue. BIK solutions also enhance security of business activity. Companies may take advantage of both the Report and the BIK Alerts as well – all they have to do is to add a business account (by providing NIP – Tax Identification Number) to the account of a private user. Reports identifying credit liabilities of a business may be generated then, and additional Alerts may be triggered to protect against fraud schemes in which company data are used.

This is very important protection because we must be aware that detailed information about those holding high-profile positions, in particular, company owners and representatives, is available publicly. It may be found, inter alia, in the National Court Register, in powers of attorney, contracts, as well as in land and mortgage registers. Such persons are an easy target for criminals and may fall victim, for instance, to credit frauds.

How can the Alerts be triggered?

The Alerts can be activated without leaving home. All we need to do is just register at www.bik.pl and activate the Alerts. It can also be done using the My BIK App to be protected in our own smartphones. Having created an account, confirmed identity and activated the BIK Alerts, the service is launched immediately and is active 24/7/365.

Joanna Charlińska, Sales Director, BIK

A graduate of the Faculty of Management at the University of Warsaw. She also completed postgraduate studies at the Warsaw School of Economics in the field of project management. She started her banking experience in 2002, specialising in consumer products and credit analysis. For 15 years associated with Biuro Informacji Kredytowej. At early stages, for 6 years she held expert positions in the Marketing Department related to the area of services for individual customers, she represented BIK on the international forum during meetings of credit bureaus. She is the project leader under which customers can access BIK’s products in online banking. Since 2012, she has been the Sales Director in the Consumer Market Department. She is extensively skilled in co-creating BIK services addressed to retail customers. Responsible for the development of service sales channels in cooperation with institutional customers, incl. with banks, insurance companies.

Last Updated on June 24, 2021 by Karolina Ampulska