A method, system, and program providing identification usage fraud protection are provided. A context for a use of an identification via a communication line is detected at a fraud protection service. The context for use of the identification is analyzed in view of multiple previous uses of the identification. A level of suspicion of fraudulent use of the identification is specified according to the analysis of the context. Depending on the level of suspicion, further use of the identification may require additional authentication or may be barred. The identification may include a user name, an account number, a password, or other identifier that may be utilized to represent an individual in accessing products and services.