Banks Lax on Authentication and Transaction Security

Monday, January 03, 2011



Gemalto's head of online security and authentication systems Adam Dolby says U.S. banks are not doing enough to secure online transactions and account access.

Even worse, Dolby says what efforts have been made to increase security have actually presented more opportunities for criminals to perpetrate online fraud.

In an interview with the Information Security Media Group, Dolby says that security efforts by U.S. banks is not proactive enough.

"This is like trying to act against crime but starting with a dead body and investigating backward, rather than actually trying to stop people from getting whacked in the first place," Dolby says.

Dolby urges American banks to follow suit with advances made by their European counterparts.

"We see more authentication at the corporate and retail levels in Europe," Dolby stated.

Complicating matters for banking customers who find themselves victims of breached accounts is that banks are only required to maintain "sufficient" standards of security, a moving target based on the average level of security employed by the industry as a whole, as far as legal liability is concerned.

It is possible that courts could hold banking clients responsible for losses if they deem the bank's security measures were on par with the industry average, even if that average standard is woefully inadequate to secure funds.

Possibly Related Articles:
Network Access Control
Legal Passwords fraud Authentication Banking Online Banking Headlines
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.