Is online banking too dangerous?

The Australian Bankers' Association and the Australian Federal Police this week launched a national education campaign to warn Internet banking consumers to protect their information online.

The campaign -- constituting advertisements in newspapers and free consumer fact-sheets -- is due to roll out over the next three weeks.

It contains the messages ZDNet Australia's  obviously tech-savvy readers have heard many times -- install and keep up to date anti-virus software and firewalls, never give out your password, delete spam e-mail and don't access Internet banking from a link in an e-mail.

However, of more concrete use is likely to be a two-stage method of identifying Internet banking customers, set to be introduced across ABA member institutions later this year, which may supplement passwords with tokens and mobile phone alerts.

There is no question Australia's banks are anxious to boost community confidence in their online channels. They have reaped savings worth millions by paring down their bricks and mortar branch networks and replacing them with much cheaper Internet and telephone services. Around 8 million Australians now use Internet banking, with quarterly transaction levels up around the 200 million mark. However, online identity theft has the potential to cripple community confidence in Internet banking, with the inevitable consequence being a greater load on more expensive distribution channels.

Professor Bill Caelli, who heads the Queensland University of Technology's School of Software Engineering and Data Communications, warned in March last year that online banking was fraught with danger and said home personal computers were "no longer safe" from which to conduct transactions. The harsh reality is that, since his remarks, online identity theft techniques are moving ahead apace -- this week, ZDNet Australia  reported on an incident of 'pharming,' a variant of phishing -- and tech security companies and law enforcement authorities are struggling to catch up. The well-publicised move of organised crime into hacking and online scamming, with financial reward rather than notoriety among peers the aim, has increased the threat exponentially.

These worrying developments are happening as consumers appear to be having difficulties with their security obligations as they stand now. According to the Australian Consumers' Association, the requirements associated with updating virus protection software and changing passwords and personal identification numbers are presently proving too much for consumers. In a recent statement, the ACA said consumers "struggle to keep up with such expectations and are uncertain of their rights". Such a statement sits slightly uneasily with comments by the ABA this week that "all users of the Internet have a responsibility to protect themselves against Internet crime, in the same way they buy cars with safety and security features to protect themselves, anti-virus and firewall protection should be installed on the home or business computer".

ZDNet Australia  asked Ben English, Microsoft's security lead, this week, whether the preponderance of social engineering scams was eroding consumer confidence in activities such as online banking. He told your writer that if people "practise safe browsing, then the threats are manageable".

The ABA and its member banks will be keenly hoping that their efforts preserve customer confidence in online banking. However, the jury is still out on what confidence levels will be like as the level and sophistication of online crime increases.

What do you think? Is Internet banking under threat from rampant online identity theft? Are vendors and security experts expecting too much from consumers in keeping their anti-virus and anti-spam software and firewalls up to date? E-mail us at edit@zdnet.com.au and let us know.

• Related stories

• Alerts

Add your opinion

1. I just paid by bill of $5000+ using netbank the other day, it worked. Its only not safe is used in public computers, or used without a firewall or other protective software. Anonymous -- 11/03/05

   I just paid by bill of $5000+ using netbank the other day, it worked. Its only not safe is used in public computers, or used without a firewall or other protective software.

   • Reply to comment
   • Reply to story
   • Report offensive content

2. Things could get much worse only if Bill Gates stop talking about new technologies and trustworthy computing environments. Also he clams that Windows XP to be safer computing and more secured than ever. The correct answer is no. It is stills not safe and Anonymous -- 11/03/05

   Things could get much worse only if Bill Gates stop talking about new technologies and trustworthy computing environments. Also he clams that Windows XP to be safer computing and more secured than ever. The correct answer is no. It is stills not safe and secured. Why? Microsoft has not taking security very seriously, and always to be too soft in security. For past few years, Microsoft is trying to patch many security holes inside the Windows. This is going to take few years to improve the stronger security. It would be more efficient to cut down the total lines in code and spend more time in testing in security. There are more than 10 millions lines of code in Windows 2000 and who knows in Windows XP and beyond.
   
   The most serious concern is hackers may able to access to your PC through the back door, sharing your PC resource, sending the spam emails without your knowledge, and spying on you. It’s called remote access computing. This technology allows a help desk staff to access your PC and solve the computing problems. That is why trustworthy computing becomes a hazard in Windows XP professional version.
   
   For online banking, these banks should have created the documentation, online banking standards, policies, etc and post it to their clients through the postal mail. That is only way to educating their clients about online banking awareness. Most banks could say they are not responsible for any financial losses until they realise the serious problem in security. They could blame their clients for not having the firewalls, anti-virus and anti-spyware scanners on their computers. These items are costing more to add on client’s PC while banks are continuing finding ways to cut their costing and closing the numbers of branches. Some banks could charging their clients if using the branches counter services. Therefore we are the real victim in this sort of mess and behaviours becuase they were forced to use "online banking".
   
   When a phishing wording made in the major public for the past 18 months, these banks should have sent a letter to their clients and informs to ignore the emails because fraud. I was expecting that to be happen but they didn’t. So far, they were telling them through TV news. Many banks have made over $9 billion bank profits from the last financial year. They got money to spent and have these problems to sort it out wisely, timely and professionally.
   
   The safest way for online banking is an old fashion way such as using the branch's service until Microsoft delcared fully and properly certified as safe and secured in Windows. Using security tokens is OK but who is going to pay to get the security token? Hopefully these banks should pay. Bendigo Bank was the first bank to use the security Tokens to use the randomise access numbers to logon the secured server.

   • Reply to comment
   • Reply to story
   • Report offensive content

• Just In

• Most Popular

• Most Discussed

Reader Services

Popular Topics

Essentials