Banks must take more action to combat fraud
FRAUD TAKES many forms but banks should be one of the safest bodies to protect our money. “Our watchword is security” – William Pitt’s quip – should be the bankers’ cry, both individually and collectively.
Sadly this is a vain hope, even though banks are ready to accuse any clients of not taking sufficient care when a fraud is reported.
The cybersecurity company Sure Cloud has combined with consumer organisation, Which? to investigate online security. Their report makes devastating reading with under half of banks adequately protecting current account holders.
Seven out of 12 clearing banks fail to use the proper security of two-factor authentication. This is where both a password and a personal piece of information need to be entered before clients can log in.
Yet cybercrime is massive and growing. The Government’s national body, Action Fraud, reported that in just six months last year, £34.6m was stolen from bank accounts. This was a 24 per cent surge on the previous period.
NatWest, part of The Royal Bank of Scotland Group, allows a log in to several banking sessions at the same time and from different devices.
One of the ‘challenger’ banks, Metro, has not yet introduced the dual system to require entry to an account. To combat the concern, it has weak password requirements which the report says exposes clients to hackers.
Two-factor authentication was not demanded by the Cooperative Bank, CYBG (which includes Yorkshire Bank), Lloyds and two Spanish-owned banks, Santander and TSB, the latter owned by Sabadell, as well as Metro and NatWest.
On the plus side, the HSBC subsidiary, Leeds-based First Direct, gives clients the strongest online protection. This includes requiring a telephone call to be made if there is to be a change of username or address.
This is an urgent matter which needs immediate action. Clients need protection.