All the latest UK technology news, reviews and analysis
|
|
|
11 Jul 2008
A House of Lords committee has called on the government to make banks, not customers, legally liable for internet fraud.
The House of Lords Science and Technology Committee called for legislation to force banks to cover customer losses incurred through e-crimes in its follow-up report into personal internet security published in August 2007.
The report claims that, under the current system, banks often deny liability for password and Pin fraud, claiming customer negligence or even complicity in the fraud.
"We reiterate our strongly held view that the current reporting sequence is wholly unsatisfactory and that it risks undermining public trust in the police and the internet," says the report.
The committee also recommended that victims of cyber-crime should be able to report incidents directly to the police, reversing the current process which requires them to report incidents to their bank.
The peers also called for a data breach notification law that would require organisations publicly to acknowledge breaches when customer security has been compromised.
The report acknowledged recent proactive moves in terms of protecting UK citizens from online crime, following the government's embarrassing data breaches.
"A level of indifference on the part of the government has now been dispelled only as a result of recent incidents involving serious losses of personal data, " the report said.
The call was backed by Bill Beverley, security technology sales manager at F5 Networks.
"If people were to adopt best practices, many of these data breaches would not have occurred," he told vnunet.com.
Beverley believes that this move would "add some teeth to the legislation" and help spur complacent companies into action when it comes to the protection of data and the liabilities involved when breaches occur.
He added that it is imperative that government agencies are held to the same standards at private companies.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
My multi- national Partner client has charged me exclusively...
Senior IT Operations Engineer -MCSE, IIS7/7.5, SAN, CDN...
I have an urgent requirement for short term contract...
User Interface Developer x 1/2 - Leading Organisation...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Investment has already been made by the banks
Significant investment has already been made by the financial sector over the past few years in combating fraud. Real-time card fraud detection using advanced analytics; biometrics; Chip and PIN, security dongles and random generated passwords are just some of the methodologies deployed to protect customers. Behind them sit complex, sophisticated analytics and modelling engines, constantly evolving encryption engines and an entire industry dedicated to protecting the customer. On the other side of the fence sit the fraudsters. Teams of highly intelligent computer experts, who are trying to keep pace with the developing technology! But there is a third element in this ? the actual customer themselves. We have all experienced phishing attacks. Ah yes , one thinks as one opens the mail, I bank with you therefore I will gladly share my personal details, PIN number, date of birth and mothers maiden name with you. How many times have banks stated that they, nor their employees, would seek anything as personal as a PIN number? Why should the banks be made culpable when the actual issue may be the consumer themselves. It is not necessarily the banks fault but may be the naivety of the individual that causes the problem, despite best efforts to educate them.
Posted by: Mark Elkins, Financial Services Manager, SAS UK 22 Jul 2008
Arritating that Banks Don't Even Acknowledge forwarded Notification
It really irritates me when I receive an email that's nothing but an obvious attempt at obtaining my personal information. Then when I forward it to the appropriate bank they don't even acknowledge receipt in the form of a thank you or even a standard form letter expressing how they take this sort of thing seriously & will investigate fully who is responsible.. It makes one think that they could care less..
Posted by: Lance 12 Jul 2008