Met Police Chief: ‘Don’t Reward Fraud Victims for Bad Behavior’

Met Police Chief: ‘Don’t Reward Fraud Victims for Bad Behavior’

Metropolitan police commissioner Bernard Hogan-Howe has claimed that victims of online fraud shouldn’t be compensated by banks if they’ve not taken adequate steps to protect themselves on the internet.

Britain’s most senior police officer told The Times that the public were being “rewarded for bad behavior” instead of being incentivized to improve password management and keep their anti-virus software up-to-date.

“If you are continually rewarded for bad behavior you will probably continue to do it but if the obverse is true you might consider changing behavior,” he told the paper.

“The system is not incentivizing you to protect yourself. If someone said to you, ‘If you’ve not updated your software I will give you half back,’ you would do it.”

Ever since banks began offering their users free anti-virus software several years ago there have been warnings that this would lead to a more uncompromising stance on refunding anyone hacked or defrauded online who is subsequently found to have failed to download or update said software.

That doesn’t seem to have happened yet, however, and although most banks now issue two-factor authentication devices for online banking, their users are still at risk when paying via their cards on other sites or visiting pages potentially loaded with malware.

Fraud could also arise through no fault of their own, if an online provider is breached and their details fall into the wrong hands.

The Year-End 2015 Fraud Update from Financial Fraud Action UK last week revealed that the value of e-commerce fraud jumped 19% from 2014 to 2015 to reach £261.5 million – although card spending increased by an even higher 21%.

In fact, some might argue that the police response to the fraud epidemic has been less than thorough.

Last year it was revealed that the police are following-up fewer than one in 100 frauds, according to The Times.

Richard Law, Chief Executive at identity data firm GBG, argued that fraud prevention is everyone’s responsibility, especially as now it’s not a case of ‘if’ our data will be compromised but ‘when’.

“With so much of our personal data now out in the public domain, it is worrying to assume that people should have sole responsibility for the protection of it, especially when many consumers are found to massively undervalue their identities online,” he argued.

“Personal information is priceless and we all need to be involved in keeping it safe and secure.”

Robin Tombs, CEO at authentication firm Yoti, added that keeping AV software up-to-date is only one piece of the puzzle.

“Millions of usernames and passwords are being hacked every year. Biometrics are set to play a big part in the future of authentication, which will use one or more unique personal identifiers such as face, voice, retina or fingerprint to prove identities online,” he argued.

“Banks like HSBC and MasterCard have recently made announcements around their planned use of biometrics to help make customers' lives easier and more secure.” 

Source: Information Security Magazine