[LINK] Consumer computer security
Marghanita da Cruz
marghanita at ramin.com.au
Tue Jan 23 14:08:07 AEDT 2007
Alan L Tyree wrote:
> On Tue, 23 Jan 2007 13:00:08 +1100
> Marghanita da Cruz <marghanita at ramin.com.au> wrote:
>
>
>>Alan L Tyree wrote:
>><snip>
>>
>>>Or this one with the same bank. Banking practice here made the fraud
>>>almost inevitable, and then the Victorian Court of Appeal let them
>>>get away with it:
>>>http://www2.austlii.edu.au/~alan/fraud-by-design.html
>>
>>...
>>On the handful of occassions I ring my (not westpac) bank's telephone
>>call centre, the operator insists I have to set a password. When I
>>refuse, they set one for me, saying it will speed up future
>>processing! As I do not use Internet or Telephone banking - I am
>>guessing/hoping that if there is a fraud on my account, the issue
>>will be resolved with a minimum of fuss.
>>
>>Note, I do have some confidence in my bank as they have detected and
>>addressed an Internet Fraud on my credit card.
>>
>>With regard to physing, if a username/password is captured in a
>>phishing scam, don't they also
>>need to fake the IP address?
>
>
> Well, no, I don't think so. I have never heard that the banks do
> anything other than rely on the login/password scheme. That is one of
> the things that I am complaining about in my submissions to ASIC.
<snip>
From a consumer perspective, wouldn't it would be better to leave Banks
to decide what they use to authenticate users and the information they
log about transactions. This would put the onus on them to prove the
source of a fraud and demonstrate due care of their customers funds.
Marghanita
--
eMarghanita da Cruz
http://www.ramin.com.au/
Telephone: 0414-869202
Ramin Communications Pty Ltd
ABN: 027-089-713-084
More information about the Link
mailing list