Payment and banking fraud is on the rise, and the increase in online banking and shopping results in a wealth of potential targets for fraudsters who are able to hack, phish or otherwise obtain consumer details to carry out their crimes.
So how should financial institutions be responding to this threat? One radical approach was recently suggested by Sir Bernard Hogan-Howe, commissioner of London’s Metropolitan Police. He stated that the time has come to pressure consumers to be more responsible for their online safety.
Speaking to the Times newspaper in the UK, he suggested that banks should start refusing to refund consumers who have fallen victim to cyber crime, if it can be demonstrated that they have not taken adequate steps to protect themselves.
A failure to take simple precautions is something that is a common problem for the industry. Figures from Norton Cybersecurity Insights show that in the UK alone, 44 per cent of consumers have fallen victim to cyber crime. However, 42 per cent of individuals do not take the time to change their account passwords after a security compromise or breach – potentially leaving them exposed in the future.
Therefore, the Met commissioner believes that if consumers know they will lose out financially as a result of fraud, they will be less complacent when it comes to their online activities. Sir Bernard said: “If you are continually rewarded for bad behavior you will probably continue to do it, but if the obverse is true you might consider changing behavior.”
An ill-advised approach
However, the problems with his proposals are evident. Much of the relationship between banks and consumers is based on trust, and if members of the public do not feel their bank will support them in the event they are a victim of crime, they will take their business elsewhere.
While the Met clarified that Sir Bernard’s idea would only apply to individuals who did not take basic security steps such as using strong passwords, rather than be a blanket policy for all online fraud, the fact remains that any consumer who is refused a refund – regardless of who is at fault – is very unlikely to remain a customer of that bank.
Even if they do successfully get a refund, having to go through potentially time-consuming and complex processes to prove they had taken reasonable precautions in order to get their money back will not generate the customer satisfaction levels that banks are aiming for.
A proactive solution
Instead, the best way for banks to react to the evolving fraud environment is to improve their detection techniques and block fraudulent transactions before they are completed. Not only is this better for banks’ bottom lines, as they will not be left out of pocket refunding victims, but it also helps build customer trust and confidence.
With today’s analytics capabilities, businesses are much better able to study patterns and trends to spot suspicious transactions and prevent them being completed. Being able to evaluate activities and determine their level of risk in real time is a must. And even in instances where a fraudulent transaction is completed, alerting users proactively and rectifying the issue, instead of leaving it to the customer to spot any anomalies in their statement, helps build trust.
This needs to be coupled with improved user education. Ultimately, while it will be the banks who bear the financial burden of fraud, they can still have a strong role to play in helping customers change their behavior and protect themselves.
According to intelligence agency GCHQ, up to 80 per cent of cyber crime could be prevented through the use of better passwords and up-to-date security software, so the benefits to banks of assisting customers in this area will be huge.