The House of Lords Science and Technology Committee has questioned representatives of Apacs and Visa over online computer crime in the financial services industry.
The witnesses were pressed on what mechanisms the financial industry had put in place to protect people using online banking and other online financial services.
Sandra Quinn, a spokeswoman for Apacs, was asked – with online banking fraud increasing by 90% to £23.2m in 2005 – how much banks are now losing to internet fraud and whether they expected the growth in fraud to continue.
Quinn replied, “We have half year figures for 2006 and the figure stood at £22.5m, an increase of 55% on 2005. The rise won’t be as high in percentage terms as the rise in 2005. But it is certainly not going to be a non-dramatic rise. It is still of concern.”
Apacs’ evidence suggested that the number of phishing incidents rose by 8,000% between January 2005 and September 2006.
The committee asked if this increase was likely to continue. Colin Whittaker, head of security at Apacs, said, “Phishing accounts for anywhere between 25% and 50% of the attacks we see that cause losses on customers’ accounts.
“It seems people are falling victim to phishing attacks less often, which is one of the reasons there has been an increase in the volume of phishing e-mails.”
The Apacs witnesses were then pushed on why they would not name the worst performing banks for online fraud.
Lord Broers, the committee chairman, asked if this was because Apacs was a representative organisation of banks rather than their customers.
Whittaker said, “I don’t think there are any bad or good banks in this case.
“It’s not that banks are or are not secure; as it’s not the banks that are being attacked. It is their customers who are being attacked and the level of security they deploy is relatively equal.”
Sandra Alzetta, Visa vice-president for consumer market development, was asked about the security of online shopping.
She said Visa had introduced the Verified by Visa programme for online merchants to use on their sites.
The scheme enables the customer’s own bank to ask them personal security questions linked to their account, before money is paid to the online merchant they are logged onto.
Comment on this article: [email protected]