[LINK] Consumer computer security

Alan L Tyree alan at austlii.edu.au
Tue Jan 23 14:35:42 AEDT 2007 

On Tue, 23 Jan 2007 14:08:07 +1100
Marghanita da Cruz <marghanita at ramin.com.au> wrote:

> Alan L Tyree wrote:
> > On Tue, 23 Jan 2007 13:00:08 +1100
> > Marghanita da Cruz <marghanita at ramin.com.au> wrote:
> > 
> > 
> >>Alan L Tyree wrote:
> >><snip>
> >>
> >>>Or this one with the same bank. Banking practice here made the
> >>>fraud almost inevitable, and then the Victorian Court of Appeal
> >>>let them get away with it: 
> >>>http://www2.austlii.edu.au/~alan/fraud-by-design.html
> >>
> >>...
> >>On the handful of occassions I ring my (not westpac) bank's
> >>telephone call centre, the operator insists I have to set a
> >>password. When I refuse, they set one for me, saying it will speed
> >>up future processing! As I do not use Internet or Telephone banking
> >>- I am guessing/hoping that if there is a fraud on my account, the
> >>issue will be resolved with a minimum of fuss.
> >>
> >>Note, I do have some confidence in my bank as they have detected
> >>and addressed an Internet Fraud on my credit card.
> >>
> >>With regard to physing, if a username/password is captured in a
> >>phishing scam, don't they also
> >>need to fake the IP address?
> > 
> > 
> > Well, no, I don't think so. I have never heard that the banks do
> > anything other than rely on the login/password scheme. That is one
> > of the things that I am complaining about in my submissions to ASIC.
> <snip>
> 
>  From a consumer perspective, wouldn't it would be better to leave
> Banks to decide what they use to authenticate users and the
> information they log about transactions. This would put the onus on
> them to prove the source of a fraud and demonstrate due care of their
> customers funds.

Yep. What I meant was that I am complaining that the banks do nothing
but are still trying to throw liability onto the consumers. I agree
with you, let the banks do what they want, but also bear the costs of
it.

The current EFT Code does that, more or less. The proposal before ASIC
(Q28 in the Discussion Paper) would change that.

> 
> Marghanita
> -- 
> eMarghanita da Cruz
> http://www.ramin.com.au/
> Telephone: 0414-869202
> Ramin Communications Pty Ltd
> ABN: 027-089-713-084
> 
> 
> 
> 


-- 
Alan L Tyree                    http://www2.austlii.edu.au/~alan
Tel: +61 2 4782 2670            Mobile: +61 427 486 206
Fax: +61 2 4782 7092            FWD: 615662

More information about the Link mailing list