[LINK] A security question
Scott Howard
scott at doc.net.au
Thu Dec 19 12:20:29 AEDT 2013
On Wed, Dec 18, 2013 at 4:25 PM, Roger Clarke <Roger.Clarke at xamax.com.au>wrote:
> >(2) The actual level of successful hacking is passably low
>
> I think that factor needs re-phrasing, e.g.:
>
> (2) The level of successful hacking that costs banks serious money
> or material reputational harm is sufficiently low.
>
Rephrase it however you want, it's wrong.
Whilst it's true that some banks have relatively low losses, many do have
very real losses. I was talking to one particular bank recently who was
losing over a million dollars a week due to Internet Banking fraud. This
certainly puts them at the high end of the scale, but they certainly aren't
unique.
>From what I've heard the Australian banks have less of a problem than those
in many other countries, but it's only a matter of time.
The challenge for the banks is exactly what's being discussed - how to
balance the impact to the user of additional security, v's the cost of the
fraud occurring. There are numerous products that banks use to attempt to
detect/block fraudulent logins and transactions - many of which are either
somewhat or even completely transparent to the end user - but at the end of
the day no product works perfectly.
Scott
More information about the Link
mailing list