Monday, April 18, 2005

Credit Card Data theft online still high

Despite the progress of better security technologies, better educated banking customers as to online banking risk management techniques, password management etc, CNET reported that HSBC will be notifying 180k of its customers about the problem. Some MasterCard holders exposed to data theft CNET News.com

This follows a report where Lexis also had its databases compromised. LexisNexis break-in spurs more calls for reform - CNET News.com

These events will continue to plague online banks and their ongoing efforts to secure banking and their efforts to secure market share.

Where then is consumer online banking heading in the face of such threats? My suggestion is the creation of an association of international online banks to look at creating strong technical standards as well as to formalise rules on how banks can assist each other together with local enforcement agencies in cross jurisdictional apprehension and prosecution of hackers. I believe that this added function to the international proposals for cybercrime development will make prosecution possible as banks will have the funds and deep pockets to hire all the necessary people and equipment to locate the criminals who are usually located in another jurisdiction.

3 Comments:

Anonymous Anonymous said...

It could be hard if the criminals only launch in jurisdiction where the law is not updated, or even if updated, the enforcement is lax.

if captured, which state's law should the court applies.. law of the country where the crime takes place, it can be unfair to the bank and its customers. Law of the bank's country, it looks inappropriate either.. perhaps the proposed association can have its own international court to hear this..

btw, the link to the CNET news is incomplete.

11:28 pm, April 20, 2005  
Blogger Harry SK Tan said...

No amount of law alone will deter a criminal if he chooses to commit the crime. The essence as you alluded is a balanced and updated set of laws that empowers the law enforcement agencies to do their work to investigate, apprehend and prosecute successfully.

Unfortunately, there is no such perfect world but governments are working towards it - slowly. However, I contend that as Banks have deeper pockets than most private enterprise, they can be the first non government association to put up e-banking standards for all members to comply as well as to set aside funds for the prosecution of online bank hackers no matter where they are found. The funds could be used to hunt down hackers - possibly with the use of white hats or converted black hats. Essentially the banks can go on the offensive where governments cannot due to political and national issues.

As for the creation of another international court, it would be unncessary in my opinion. Its not the lack of courts but the lack of powers in the existing courts in various countries. In any case, very few governments will ascribe authority to an international court.

11:45 am, April 21, 2005  
Blogger Harry SK Tan said...

BTW - the broken link has been fixed. Thanks!

1:47 pm, April 21, 2005  

Post a Comment

<< Home

Site Meter