HSBC's bankrupt security thinking
Published: 20 Sep 2006 16:50 BST
Imagine a government information film that said only bad people buy locks because this encourages thieves to go after the lockless. Imagine then the protests from public and law enforcers alike at such dangerously twisted thinking. But then, no organisation could be that clueless.
Or so we thought. HSBC proved us wrong this week, when it attacked rival banks for introducing two-factor authentication. By introducing stronger protection for their customers, it argued, banks such as Barclays were unfairly singling out rivals such as HSBC as easier pickings for hackers and criminal gangs.
To normal people, that's as perverse as imposing a penalty charge that breaks an overdraft limit, then imposing a penalty for that too. In other words, it's frighteningly normal — for bankers. This kind of thinking stems from the endemic short-sighted, profit-fixated culture that characterises retail finance. Clearly, at HSBC, customer protection comes somewhere below outsourcing support abroad and just above the rights given to cleaning staff, an annoyance that only becomes worse if someone else takes it seriously.
HSBC's competition has realised that secure customers are more likely to hang around, and the competitive advantage of this approach has started to hit home. But a truly customer-centred approach to security would see the banks and other financial institutions working together to create a secure environment, one where the sector as a whole regains the reputation for safety that it once held in the pre-electronic era.
If companies we trust to protect our hard-earned money are to stand a chance against the ruthless innovations of cybercriminals, then they must stand together. HSBC should be agitating for this, not complaining about some hacker influx looking for an easy mark. If it doesn't, it should ready itself instead for a mass exodus of the community which ultimately governs its fortunes — its customers.
Did you find this article useful?
47 out of 118 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
Full Talkback thread
10 comments
-
What a short sighted piece of so called 'journalis... Asec Mann -
Thank you for your comments. We can only go o... Tom Espiner -
I just wish HSBC would not force Windows... Ian -
I am looking for some clarification on Asec M... Robin Wishart
-
Robin Wishart your Hsbc rips off custome... SHARON -
All of this is quite bizarre seeing as HSBC has it... Tony Harbon
-
Forked tongued Hsbc support Fraud on one hand... Mansur
-
If HSBC's online banking requires I.E. a... Chris Rankin
-
Erm, I use Opera 9 on Windows to ac... Anonymous
-
HSBC's comments on online security make as much se... Greg Collins
