Online fraud hits record high

But slowdown in losses suggests banks' efforts are starting to pay off

Muddimer: significant inroads

Losses from online banking fraud have leapt 44 per cent from £23.2m in 2005 to £33.5m in 2006, but banks are pointing to signs that the tide may be turning.

Figures released by banking body Apacs show that online fraud is outstripping any other type of fraud, and the number of phishing attacks on banks has reached a new high, rising from 1,714 to 14,156 over the same period. However, there has been a sharp slowdown in losses.

‘Online banking fraud figures break down to about £22.5m lost in the first half of 2006 and £10m in the second half,’ said Andy Muddimer, head of online banking at Alliance & Leicester (A&L).

‘Banks have made significant inroads in combating online fraud this year.’

Muddimer says A&L’s picture-based, two-factor authentication has improved consumer confidence and encouraged a 25 per cent rise in online banking transactions in the past year.

Banking giant HSBC says there are many ways to combat online fraud, and two-factor authentication is not the only solution.

‘The introduction of two-factor by certain banks could be responsible for this decrease in the second half of the year, as could other measures we are using,’ said an HSBC spokesman.

Ant Allan, research vice president at analyst Gartner, says to some extent two-factor authentication is implemented for show.

‘Banks also need to invest in fraud detection, which is necessary to deal with more sophisticated attacks that are easily able to bypass two-factor authentication,’ he said.

Apacs is to start trials of a card reader-based authentication system with banks later this year, which aims to reduce customer vulnerability to phishing attacks.

‘More than two or three banks will be involved, but not all our members are committed yet,’ said Apacs’ Sandra Quinn.

Jeremy Beale, head of e-business at the CBI, says it is dangerous to rely on one type of technology and apply it as an industry standard to fight fraud.

‘Online fraud is a constantly moving target and banks must rely on a range of technologies to combat it rather than one silver bullet,’ he said.