You could be held liable for cases of bank fraud if your online security isn't up to scratch
If you need another reason to pay attention to online security, new measures under consideration by banks could sharpen your focus. At the moment, banks in the UK frequently shoulder the cost of online fraud when customers fall victim. But all this could be set to change.
The plans being looked at by banks, GCHQ and the UK government could see people who haven’t taken care of their own online security being excluded from receiving compensation if their account is hacked.
The Financial Times reports that the plans could see people with poor security in place find themselves "frozen out of banking services or even excluded from the system whereby banks compensate customers whose accounts are hacked". Discussions are currently in rather embryonic stages, but even floating the idea is likely to prove controversial.
Banks have found themselves under greater scrutiny in the wake of the financial crisis and spiraling bankers' bonuses, and many would argue that financial institutions have a duty to keep their customers protected, rather than shifting the responsibility to the customer.
The growing rate of ransomware and instances of phishing attacks means that ever-increasing numbers of bank accounts are being hit by hackers. But, as reported by the Register, security experts believe that the proposals are unfair. Olov Renberg, from behavioral biometrics firm BehavioSec says:
It troubles me that bank customers could soon be forced to cover the bill and take liability for fraudulent activity on their accounts. Time and time again government schemes and individual enterprises have tried to teach consumers the best practices of operating online, yet online fraud continues to rise -- why?
It's not because of a lack of awareness. Quite simply, security is no longer a consumer's number one priority when operating online. Today we prioritize convenience online -- meaning laborious tasks such as multiple authentication processes are often side-stepped.
If banks want to reduce fraud for their customers, they need to avoid making consumers the gatekeepers of their own security. If they are selling consumers convenience and always-on availability, then they need to take on the bulk of the security burden themselves and implement security measures that accurately authenticate users without forcing them through frustrating, inefficient authentication barriers.
So what’s the solution? The banks seem to believe that threatening customers into taking security seriously is the route to go down.