Think-tank the Foundation for Information Policy Research today launched a scathing attack on the UK's internet banks.
Think-tank the Foundation for Information Policy Research (FIPR) today launched a scathing attack on the UK's internet banks.
The group said web banks are acting irresponsibly by not developing adequate security and holding customers responsible for online fraud.
The FIPR argued that UK internet banks fail to encourage the development of adequate security measures, preventing the banking system from playing its proper part in the development of ecommerce.
The group criticises a number of banks, including Bank of Scotland, Egg and Halifax, which claim that their systems are so secure that any fraud must be the fault of customers.
According to the FIPR, the crux of the online debate is based on a lack of understanding about who should be responsible for security in the online world. In standard transactions, if a bank debits a customer's account from a forged cheque, it must credit the account.
Security measures, such as signatures on cheques, prevent this system from being abused by making it impossible for customers to cancel any debit by claiming that it is a forgery.
But should the bank have a cheque bearing a signature that is virtually indistinguishable from the customer's, "then the customer cannot expect to succeed by mere unsupported denial", said the FIPR.
The situation becomes more complex in an online environment, where the bottom line is that customers will in effect have to rebut the electronic evidence produced by the bank, and in some cases may be unsuccessful even if transactions are proven to be fraudulent.
Information security consultant Brian Gladman, said the debate about non-repudiation over electronic fraud between the bank and the customer is the cause of much frustration between lawyers and engineers "whose arguments pass through one another like angry ghosts".
Apparently, this situation will force banks to rethink liability and security issues in the New Economy. "The provision of online services is one of the most effective uses of the internet for ecommerce, and is a valuable sector for just such enterprises. But when payment is made through existing card systems it attracts the greatest risk to merchants," said Gladman.
First published on uk.internet.com
See also:
The UK's online banking pioneers have run into some problems. We look at what they are doing to turn around their fortunes.
08 Dec 2000Internet security researchers have warned that hackers are planning to launch internet-based denial of service attacks on web retailers over the Christmas period.
16 Nov 2000
Roger Moore, who played British secret agent James Bond in the 1970s and 1980s, has had his Swiss bank account details published on the web following an error by bankers Credit Suisse.
09 Nov 2000Microsoft has issued a patch to prevent a potentially devastating vulnerability with its network management software that could allow an attacker to gain control of a victim's host system.
06 Nov 2000The Royal Bank of Scotland (RBS) is hoping to benefit from users' distrust of spending online by routing ecommerce payment requests directly through its own network.
02 Nov 2000UK bank Alliance and Leicester has announced plans to web-enable its business, which it said will help it to cut its yearly costs, but will mean the loss of 1500 jobs by 2003.
31 Oct 2000The Allied Irish Bank has ditched plans to launch a standalone internet bank, saying that it sees more of a future in the development of 24-hour online services as a supplement to traditional banking.
30 Oct 2000Forget the European currency debate, electronic money is set to radically change the way we buy goods and services.
20 Oct 2000A security hole in Lloyds TSB's internet banking service is finally to be fixed, nearly two months after a customer alerted the bank to the problem.
19 Oct 2000More than a third of online purchases are not fulfilled on time, according to the latest research from the Trading Standards Institute.
13 Oct 2000While the threat caused by recent security beaches at a raft of online banks may have been exaggerated, such organisations need to take the initiative in educating users about security procedures if they are to boost consumer confidence.
03 Oct 2000Although many hackers argue that they are merely airing grievances rather than causing malicious damage, website administrators may unwittingly find themselves subject to libel action if their web pages carry defamatory material.
02 Oct 2000Claims that millions of US online bank accounts were easy targets for cyber criminals have been dismissed by the company hosting the servers.
25 Sep 2000The external supplier believed to be responsible for managing the areas of HSBC's website vandalised by a hacker this week has been criticised in connection with the incident.
22 Sep 2000From Sheffield City Council to Hong Kong and Shanghai Banking Corporation, via Legoland.
21 Sep 2000
HSBC's UK internet site and three of its international sites have been hacked as part of an ongoing campaign in support of the fuel protest.
20 Sep 2000While security has always been an issue, the ability of organisations and individuals to keep their confidential data safe not only from prying eyes but also from attack is becoming an ever greater concern. The problem is becoming particularly marked as the world becomes more networked and companies conduct increasing amounts of business over the internet. Here we look at a range of issues that are starting to affect every one of us.
29 Jun 2000
del.icio.us
Digg this
reddit!
