Number of Identities

Description

Number of personal identities the software stores or transmits.

A black market for personal identities, names, addresses, credit card numbers, bank account numbers, has developed. In 2011, a personal identity could be bought (in groups of 1000) for 16 US cents[^3]. One component of software security risk is the presence and use of personal information, represented by the number of identities accessible to the software.

Data Collection

Work with the team to count or estimate the number of personal identities managed by the software. A browser might manage one or two identities, while a database system might manage millions.