UNITED KINGDOM / GLOBAL
Brunswick: Banks are responding to threats.
The British government report places responsibility for combating online financial fraud squarely on the banks, challenging the view that Internet security is the ultimate responsibility of the individual. It claims this attitude compounds the perception that the Internet is a lawless “wild West.”
Although the incidence and cost of e-crime are known to be huge, no accurate data exists. Internet security provider VeriSign claims that the level of “bad traffic” (including denial-of-service attacks, email spam and phishing) was reaching 170 times the basic level of Internet traffic; by 2010 it is predicted to be 500 times the basic level.
The UK bank payments association, APACS, recorded more than 1,500 “unique” phishing attacks directed at UK banks in September 2006, up from just 18 in January 2005.
The report recommended the establishment of a framework for collecting and classifying data on e-crime, and “more rigorous and coordinated analysis” of the incidence and costs of such crime. It also talked about deployment of security software at ISP level, the need for a dedicated regulator for the online world and for governments to increase banks’ fraud liability.
Steve Brunswick, strategy manager for the e-security division of Internet security specialist Thales, says financial institutions are already considering stronger Internet security and points out that a recent survey of UK banks found a significant proportion planned to roll out “two-factor” authentication (which uses two different means for authenticating someone’s identity). Brunswick warned that declining customer confidence in Internet banking could drive customers back to in-branch banking—a strong business incentive for banks to invest in two-factor authentication.