ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Security threats Toolkit

Banks lash out at security study

Dan Ilet ZDNet.co.uk

Published: 19 Apr 2005 15:20 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The UK's online banking industry has hit back at a security company that accused them of failing to protect customers.

The Association of Payment and Clearing Systems (APACS) rejected comments made by security company Information Risk Management (IRM) over a study which claimed that the security standards practiced by online banks are too low.

"We do not agree that the UK has a 'low standard in online banking security' and feel that the IRM survey takes a very narrow view of the issue, as well as containing a number of inaccuracies," claimed Tom Salmond, APACS consultant, in an email to ZDNet UK.

"Unfortunately they seemed to be determined to generate some PR for themselves around a scare story which doesn't help anyone. There are some fundamental underlying issues which were not covered at all," Salmond added.

IRM said that the 18 banks it tested failed to provide customers with supplementary authentication tools beyond usernames and passwords. It said 13 of those banks were susceptible to long-term hacking attacks through the use of password-stealing programs and identity theft scams — sometimes known as phishing attacks. Although APACS did not deny this, Salmond said that it was working with the Financial Services Association to protect customers.

"There are a range of controls which have been introduced and constantly refined to meet this goal. It is important to remember that fraud prevention systems have been deployed behind the scenes to detect and prevent fraud and a raft of initiatives are in hand to reduce the impact of financial crime overall. Banks are also actively examining a range of authentication solutions which can be deployed to enhance the controls already in place, but the IRM survey did not cover any of this, " wrote Salmond.

IRM highlighted that the FSA's Hong Kong counterpart had issued guidelines to force online banks there to supply customers with two-factor authentication, such as fingerprint readers, smart cards, or one-time password tags.

"What works over there may not necessarily suit the UK," added Salmond. "IRM are also wrong to state that 'it is the users who are suffering financial loss', as all banks will protect customers from Internet fraud in line with their published guarantees."

IRM had not responded to requests for comment at the time of writing.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with Dell

Did you find this article useful?
61 out of 133 people found this useful


Talkback

Post a comment


Full Talkback thread

2 comments

  1. i complained to my bank while all around them trie... anon
  2. your article is beautiful, but the term you have u... Anonymous

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:




Related Jobs

Commodities IT. Database and development role. London Investment Bank

If you have a good educational background, solid database skills (good level of SQL and excellent performance tuning skills) and knowledge or ...

Financial Services - Risk and Compliance

Specific Technical Experience The individual will need change programme and systems implementation experience in a selection of the following areas: ...

SAP FICO CONSULTANT NEEDED - LONDON

E-business solutions to retail and investment banks throughout Europe. Our client is a European leader in Financial Service Consulting, specifically ...

Featured Talkback

What was achieved there is recognised to be of fundamental importance to both winning the war (Churchill visited to say 'thank you' to them) and the development of the computer. Maybe Bill Gates doesn't want to support this museum because it underlines where electronic computing started i.e. here, not the U.S.

By: 1000103773

Read full story:
Bletchley Park faces bleak future

Sentry Posts Blog

Mobile Security Expert: Your Camera Ph...

Mobile Security Expert: Your Camera Phone Got Hacked Author: Eric Everson, Founder MyMobiSafe.com Have you ever heard someone say “I’d like to be a fly on the wall in that room.”?... More

Post a comment

Skype - The Roach Motel

Here is an interesting article from The National Business Review, pointing out once again that you can never delete a Skype account. Never. Period. This is something I am familiar... More

Post a comment

The vPhone: Why Visa Should Go Mobile

The vPhone: Why Visa Should Go Mobile Author: Eric Everson, Founder MyMobiSafe.com With all of the success of Apple’s iPhone, there is a growing case to support a company like Visa... More

Post a comment

Featured Oracle Resources

businessfirst: Ideas to help small companies retain their successful entrepreneurial spirit

Oracle ONE Magazine: Technology solutions for midsized businesses February 2008 edition

Choosing a Reliable and Powerful IT Infrastructure at a Price You Can Afford

Database Consolidation: Reducing Cost and Complexity

Ensuring Data Protection for Growing Business

Oracle for medium and emerging businesses: protect, strengthen and enhance your organisation

Oracle partner network solutions catalogue

See All White Papers