Fraud is an increasing threat to online commerce and thus requires increasing countermeasures. Current and emerging counter-fraud strategies and technologies focus on authentication, monitoring, risk-based controls, and fraud intelligence. Capabilities in these areas are still maturing, however — even their sophisticated implementation will only manage to keep losses at current levels. To substantially deter fraud, organizations will ultimately need a new approach to establishing and using identity online.