UK Banking Sector fire fighting response to online fraud

Rather than selecting the most effective online security methods, some UK banks are opting for either the quickest or easiest to deploy usually in response to a fraud emergency.

Otherwise, banks are choosing an approach that they believe is least inconvenient for customers, rather than safest.

Certain banks have supplied their online banking customers with hand-held chip and PIN card reading devices to create one-time-use pass codes for customers to access their accounts via the internet.

This enables users to authenticate themselves when logging in and sign transactions, so achieving the highest levels of security.

Barclays Bank working with Gemalto's smart card reader - has recently reached one million customers in the UK using this approach and RBS has since followed suit. As a result, not one Barclays Bank customer using the card reader system has experienced fraud since roll out began in July 2007.

But despite the UK payments association, APACS, endorsing this method two years ago, not all banks have responded.

According to Gemalto, hackers will go where it's easiest to defraud. So when a bank increases its level of protection they transfer activities to banks with greater exposure or to a country with less sophisticated online security methods.

For example, Switzerland, the UK and the Nordic countries used to experience the worst instances of fraud. Now businesses based in these countries are implementing more robust security measures, the criminals are switching to the rest of Europe, including France, Spain and Italy.

Barclays Bank, before supplying portable card readers to its customers, had a high level of exposure to online fraud, where now it has reduced it to zero. But attempted fraudulent attacks on Barclays only represent one per cent of the total number in the UK.

With the main threats to online banking consumers coming from "phishing" where fraudsters obtain personal bank details by enticing people to fake websites via seemingly authentic emails banks need to focus on having the right fraud solution in place and educating the customer about how they might be targeted.

Alongside online retail banking and e-commerce fraud, Gemalto identifies "white collar" fraud as an ongoing problem:

Internal threats pose an even greater problem than external for companies, where employees are using sophisticated methods to circumvent corporate security policies and transfer funds from the company's bank account.

In order to prevent this, firms need to introduce techniques such as smart cards or USB devices to ensure only specified people have the authorisation to carry out financial transactions and access confidential data.

Moneyextra.com recommends you take independent financial advice before acting on any article

2008-08-28 00:00:00 © Moneyextra.com