Milestones : Banks On The Spot Over Internet Fraud



Brunswick: Banks are responding to threats.

The Internet has become a “playground for criminals,” and it is up to banks and other online service providers to make it safe for consumers to go online, according to a UK parliamentary report on e-crime. The report, titled “Personal Internet Security,” says online banking fraud is one of the biggest problem areas. It also says that today’s “bad guys” are not just lone hackers but belong to highly skillful and specialized organized crime groups. “They want to stay invisible, and so far they have largely succeeded,” the report says.

The British government report places responsibility for combating online financial fraud squarely on the banks, challenging the view that Internet security is the ultimate responsibility of the individual. It claims this attitude compounds the perception that the Internet is a lawless “wild West.”

Although the incidence and cost of e-crime are known to be huge, no accurate data exists. Internet security provider VeriSign claims that the level of “bad traffic” (including denial-of-service attacks, email spam and phishing) was reaching 170 times the basic level of Internet traffic; by 2010 it is predicted to be 500 times the basic level.

The UK bank payments association, APACS, recorded more than 1,500 “unique” phishing attacks directed at UK banks in September 2006, up from just 18 in January 2005.

The report recommended the establishment of a framework for collecting and classifying data on e-crime, and “more rigorous and coordinated analysis” of the incidence and costs of such crime. It also talked about deployment of security software at ISP level, the need for a dedicated regulator for the online world and for governments to increase banks’ fraud liability.

Steve Brunswick, strategy manager for the e-security division of Internet security specialist Thales, says financial institutions are already considering stronger Internet security and points out that a recent survey of UK banks found a significant proportion planned to roll out “two-factor” authentication (which uses two different means for authenticating someone’s identity). Brunswick warned that declining customer confidence in Internet banking could drive customers back to in-branch banking—a strong business incentive for banks to invest in two-factor authentication.

Anita Hawser