MPs criticise banks on online fraud despite declining losses
Official figures put fraud bill at £46.7m for 2010
A House of Commons Treasury Select Committee report has criticised banks for failing their customers in the fight against online fraud.
Members of the influential committee criticised banks as being "unprepared" to deal with internet fraud as part of a wider study into retail banking, whose main conclusions called for greater transparency on charges and steps to make it easier for consumers to switch accounts.
MPs criticised banks on fraud prevention despite official figures from UK Payments, published last month, that show online banking fraud losses totalled £46.7 million in 2010, a 22 per cent fall on figures for 2009. Better fraud detection software from banks and improved customer awareness of the need to guard against phishing scams and malware is credited with the improvement.
Security experts said it was wrong to tar all UK banks with the accusation of being weak on cybercrime.
David Belchick from IT security software developer ActivIdentity, said: "The Treasury Select Committee was correct in highlighting the issue of online banking security as recent research shows that attacks on large corporations such as banks has doubled since 2008, and the damage costs more than tripled.
"While we agree with the Treasury Select Committee that there can be improvements in online security, we caution against the typical rush to judgment that all banks are not doing enough," he added.
Belchick said that if MPs were serious about banking security they should impose tougher regulations, such as the requirement to provide two-factor authentication for bank logins (a step that would help firms that sell the technology, of course, such as ActivIdentity).
"Regulatory guidelines for strong, versatile authentication have been established in the United States, India and other nations. If the Treasury Select Committee desires real change, it will establish a panel or organisation, such as the UK Payments Association, to set regulations to protect all UK banking customers." ®
Do these "fraud losses" only include money lost by the banks?
Because in a lot of cases the bank tells the customer that they authorised it and it's their problem. Of course you can only estimate how much money is lost by the customers to fraud because presumably some of them really are lying or mistaken, but even a rough estimate would be useful.
Does not compute
Interesting - this report says cost of cyber-crime to banks (i.e. real dosh lost) is less than £50million.
So how come we regularly see reports like:
which reckons that 'the UK economy is losing £27bn a year' due to cyber-crime, of which "£1.3bn goes thanks to direct online theft."
Someone needs to buy a calculator.
You have to know what the stats are measuring. The £47m figure is just for online banking fraud, so phishing and malware etc. against bank accounts. Actually most money lost online is credit & debit card fraud, which is measured separately and is a much bigger (although also declining) figure of around £400m.
The Select Committee Report's conclusions are actually pretty bizarre when read in context.