Internet 'Bank Heist' Puts Spotlight On Security

greenspun.com : LUSENET : Grassroots Information Coordination Center (GICC) : One Thread

Internet 'Bank Heist' Puts Spotlight On Security

(08/24/00, 8:40 p.m. ET) By Ken Schachter, TechWeb News A security breach headlined as the "first Internet bank robbery" by the British press has put online bankers on the defensive and prompted warnings to consumers.

British police reportedly arrested three men Tuesday in connection with an effort to bilk the British online bank Egg. The suspects allegedly conjured up fake identities online to get credit cards and loans. Police also said that the scam might have extended to other Internet banks.

Will the case stunt the growth of online banking?

"Any time there's fraud or you have people getting in and seeing account information, it's a setback for any type of financial services," said George Barto, banking services analyst at Dataquest.

The effect is amplified by the news coverage, Barto added.

"It definitely has an impact psychologically," he said. "It gets compounded when the media overplays it. It was bad publicity for the Internet and online financial services on the Internet."

The amount reported stolen varied, but the high figure -- $14,817 -- was hardly likely to put a dent in a bank, online or off. In any case, Egg, a subsidiary of Britain's Prudential Bank, said no customers were affected by the fraud.

Although the British press labeled it the first Internet bank robbery, several cases of pilferage have previously been reported in the United States.

Perhaps the most serious case involved Wingspan Bank. In trying to recruit 1 million customers in its first year, Wingspan, a division of Bank One, had such lax security that it sent checks to customers in some cases before they deposited money. The bank ended up with a pool of questionable accounts, many of which it later had to purge.

Still, Barto said technology is available "to prevent these things from happening -- but sometimes they aren't implemented."

Norine Richards, regulatory architect at risk-management consultant Predictive Systems, New York, said people shouldn't be afraid of online banks, but they need to evaluate them "just as they would a brick-and-mortar bank."

People should look at an Internet bank's confidentiality and security policies, Richards said.

"This is just another means of product delivery," she said. "And like all the others, there are risks."

http://www.techweb.com/wire/story/TWB20000824S0018

-- Martin Thompson (mthom1927@aol.com), August 24, 2000


Moderation questions? read the FAQ