The Channel logo

News

By | John Leyden 26th May 2016 14:20

Bank in the UK? Plans afoot to make YOU liable for bank fraud

Wonder whose idea that was...

Bank customers may be obliged to bear the bill for fraud against their accounts, under proposed changes mulled by banks, the UK government and GCHQ.

Under the plans, individuals or companies with poor online security could be “frozen out of banking services or even excluded from the system whereby banks compensate customers whose accounts are hacked”, the Financial Times reports.

UK banks - unlike those in the US - routinely cover the costs of online fraud, at least in cases where customer negligence (such as sharing PIN codes or cards with third parties) is excluded. Pushing the burden of fraudulent losses towards customers is likely to be hugely controversial. Bankers’ bonuses in the wake of taxpayer-funded bailouts of several banks in 2008 have already caused a huge series of rows and radical changes in liability for online banking fraud through phishing and banking trojans is likely to be even more contentious.

The circumstances suggest that ministers are floating an idea they already know is controversial, even politically unpalatable. If anything comes to light it's likely to be much diluted.

Some security vendors - normally cheerleaders for UK government security plans - have already expressed opposition to the possible banking liability shake-up.

Olov Renberg, the founder of behavioural biometrics firm BehavioSec, commented: “It troubles me that bank customers could soon be forced to cover the bill and take liability for fraudulent activity on their accounts. Time and time again government schemes and individual enterprises have tried to teach consumers the best practices of operating online, yet online fraud continues to rise – why?

"It’s not because of a lack of awareness. Quite simply, security is no longer a consumer’s number one priority when operating online. Today we prioritise convenience online – meaning laborious tasks such as multiple authentication processes are often side-stepped.

“If banks want to reduce fraud for their customers, they need to avoid making consumers the gatekeepers of their own security. If they [banks] are selling consumers convenience and always-on availability, then they need to take on the bulk of the security burden themselves and implement security measures that accurately authenticate users without forcing them through frustrating, inefficient authentication barriers,” he added.

A study by British industry group Financial Action Fraud shows that losses stemming from financial fraud involving payment cards, cheques and remote banking hit £755m in 2015, up 26 per cent on the previous year. ®

comment icon Read 99 comments on this article or post a comment alert Send corrections

Opinion

Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella
Stranded_ships

Chris Mellor

Thousands of layoffs announced as spinning rust enters its death spiral

Features

STRASBOURG, JUNE 29, 2016: The seat of the European Parliament. by Marco Aprile for shutterstock. EDITORIAL USE ONLY
Plan b, image via Shutterstock
EU workers, new markets: post-Brexit pressure on May & Co
Tough question, pic via Shutterstock
Honest mistake with your licensing? Audit police look at it on a 'case by case basis'