The chief of the Metropolitan police has today said that banks should not refund victims of online fraud because it 'rewards' them for not taking responsibility for for their own safety online.
Currently, banks and credit card companies automatically pay out pay out to victims of online fraud unless they can be proven to be negligent.
But the Metropolitan police's most senior police constable Sir Bernard Hogan-Howe told the Times that the public need better incentives to taking basic precautions online such as ensuring passwords are safe.
> See also: Why the hybrid analytics approach is key to combatting online fraud in real-time
Online bank fraud is the UK's fastest growing area of crime, with fraud and cyber crime as a whole costing the UK £30-40 billion annually.
Last October RBS group, which owns NatWest and Ulster Bank, revealed that between January and September 2015 almost 5,000 customers fell victim to scams, at a cost of more than £25m. The bank says the average loss was £13,000, with 70% of customers not getting a single penny back.
Richard Law, Chief Executive at identity data intelligence specialists GBG argues that the Met Police's statement is worrying especially in light of recent GBG research which found that nearly a quarter of UK consumers value their identity less than the cost of an iPhone 6s – 23% of Brits valued their online identity at £500 or less – £39 lower than a new iPhone 6s).
He argues, if people do not understand the value of their identity online, how they can they be expected to take sole responsibility for their safety of their personal data?
'It’s no longer a question of ‘if’ personal data will be compromised, it’s when,' he says. 'With so much of our personal data now out in the public domain, it is worrying to assume that people should have sole responsibility for the protection of it, especially when many consumers are found to massively undervalue their identities online. Personal information is priceless and we all need to be involved in keeping it safe and secure.'
Hans Zandbelt, senior technical architect at Ping Identity, argues that it comes down to using the right technology – a more identity-defined environment is essential for protecting customers from online fraud.
> See also: The seven steps to stopping e-commerce fraud in its tracks
'The argument for not refunding victims of financial fraud is a bold one,' says Zandbelt, 'and we believe that there is a wider issue at play here- the reliance on age-old passwords across the retail banking industry. The individual can only truly protect their online identities with two-factor authentication, biometric authentication such as voice recognition, and multi-factor authentication.'
'Many retail banks such as RBS and HSBC are already making impressive inroads here by offering biometric banking to their customers. But much more needs to be done. The banking industry needs to take charge, and ensure that identity security is offered as part of their service to protect British citizens in the ongoing fight against cybercrime.'