Computer Crime Research Center


Banks' security standards too low, study

Date: April 20, 2005
Source: ZDNet UK
By: Dan Ilett

A security company has come under attack from UK banks after it claimed they are falling behind the rest of the world on cybercrime protection

The UK's online banking industry has hit back at a security company that accused them of failing to protect customers.

The Association of Payment and Clearing Systems (APACS) rejected comments made by security company Information Risk Management (IRM) over a study which claimed that the security standards practiced by online banks are too low.

"We do not agree that the UK has a 'low standard in online banking security' and feel that the IRM survey takes a very narrow view of the issue, as well as containing a number of inaccuracies," claimed Tom Salmond, APACS consultant, in an email to ZDNet UK.

"Unfortunately they seemed to be determined to generate some PR for themselves around a scare story which doesn't help anyone. There are some fundamental underlying issues which were not covered at all," Salmond added.

IRM said that the 18 banks it tested failed to provide customers with supplementary authentication tools beyond usernames and passwords. It said 13 of those banks were susceptible to long-term hacking attacks through the use of password-stealing programs and identity theft scams — sometimes known as phishing attacks. Although APACS did not deny this, Salmond said that it was working with the Financial Services Association to protect customers.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo