NZ: Online banking and fraud

March 11, 2008 at 11:20 pm 2 comments

It’s a rare pleasure to publicly hear from Stu Woollett (head of e-business at Westpac). That makes his article Internet banking less risky than driving a car a blog-worthy event.

I’ve previously expressed admiration for Westpac’s approach to online banking. For example, they don’t use 2FA and yet are the only major bank that has a guarantee which “promises to reimburse customers for any losses they suffer through Internet banking fraud.” Contrast this with the approach of most other banks who still want to make customers liable even when things are really beyond their control.

So when Stu talks, I listen. And sure enough his article had a few nuggets:

– “As a bank we’re acknowledging that cyberspace can be an unsafe place, but the bank can’t lean on customers to make it safe.”

– “We don’t make it a condition that you have to shell out for the newest, fanciest firewall or anti-virus software. We’ve got all that covered, and more, which is why we’re confident about offering our online guarantee to our customers.”

-“Our January statistics show us that we had nearly four million total logins. We had only one customer affected by a fraudulent transaction and they were refunded under the terms of our guarantee. Some months it doesn’t cost us a thing, and we’d like every month to be a clean month.” [emphasis added]

Wow, 1 fraudulent transaction in 4 million. That’s a pretty incredible statistic and helps put all the media stories about the dangers of transacting online in perspective.

That’s not to say that there aren’t dangers in transacting online. What it does mean is that a combination of security in depth that includes smart back-end systems combined with a commitment to make it work for customers provides the right economic setting for the service provider, not the customer, to take on and manage the risks.

I’m sure Bruce Schneier would approve.

Advertisements

Entry filed under: 2FA, authentication, fraud, NZ, security.

U-Prove intentions SSC: official moves

2 Comments Add your own

  • […] NZ: Online banking and fraudI’ve previously expressed admiration for Westpac’s approach to online banking. For example, they don’t use 2FA and yet are the only major bank that has a guarantee which “promises to reimburse customers for any losses they suffer … […]

    Reply
  • 2. ndonye83  |  March 18, 2008 at 4:45 am

    Stu-Woolett’s article about banking on the net is enlightening, if somehow defensive. But all said and done, I think that at least statistically speaking, her assertion that banking on the net is safer than driving a car is in fact true. One thing that banking on the net has been a victim of is bad press. The cases that are reported are the exceptions, rather than the rule. Of course, this is how it should be, for the media reports when a man bites a dog, not when the dog bites the man, which is the rule. What is not amusing however, is that, as Woollett rights notes, this reports are not put in context. As a result banking on the net experiences the same effect that is seen in pharmacy where side effects are reported without the stats, and everybody ends up fearing them, when in fact they affect only a negligible minority. All said and done, however, the banks have invested in almost foolproof security systems, and the few security lapses that do occur are exceptions and most are in part aided by the victim, mainly out of ignorance. The risks of banking on the net don’t, at least outweigh the risks we had in traditional banking, yet banking on the net offers innumerable benefits, otherwise unattainable. The verdict: Bank on the net. The world is doing, and it is not going to wait for anyone. Technology is risky, but it keeps on getting better by the day, and it is just a matter of time before completely foolproof banking applications are made.

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed


This blog is no longer updated. See the About page for more info. I'm currently active on Twitter.

Follow me on twitter

Error: Twitter did not respond. Please wait a few minutes and refresh this page.

Feeds


%d bloggers like this: