Commercial banks have again given the assurance that Internet banking is safe, following weekend reports of a "hacker" claiming that their recent security upgrades are still leaky.
A Sunday newspaper report said a hacker had illustrated that it was possible to access an Absa bank account. The latest report follows the high-profile case in which a Bellville man, Johan Fourie, allegedly defrauded about 10 Absa Internet banking accounts to the tune of R600 000. Fourie is due to appear in the Bellville magistrates` court on Tuesday, 7 October for a bail hearing.
Adding fuel to consumer fears, the Sunday Times newspaper reported yesterday that a Western Cape man, Horatio Huxman, allegedly managed to find a way into the upgraded Absa system. However, the report gave no details of how he did it, other than saying that he e-mailed a virus.
Absa says it sent some of its top IT executives to meet the latest "hacker" and that it will continue to upgrade its security this week. It will introduce its SMS verification and password authentication shortly. The Absa team declined to discuss how the latest "hacker" could access their clients` accounts.
"We did not know under what conditions he had developed his program, and we invited him to meet with our technical department to discuss the matter," says Alfie Naidoo, managing executive for electronic transactions at Absa.
"He seemed genuine in his concern about the bank`s security and claimed he wanted nothing from it," Naidoo says.
More security measures
Meanwhile, at least one of the major banks, Standard Bank, has introduced further security upgrades by introducing a scrambled pin-pad that takes the calculator-type pin-pad, which it introduced in July, and randomly scrambles it to produce 3.6 million variations. Standard Bank claims the scrambled pin-pad eliminates keystroke and mouse-click logging.
Nedbank issued a statement reiterating that it is confident its security measures are up to scratch with its SMS transaction authentication.
"Nedbank`s innovative SMS security feature has several advantages," says Sydney Gericke, Nedbank director in charge of product development. "First, it is a preventative measure that requires a unique reference number to be entered before certain payment transactions can be completed. A further advantage is that the SMS reference number changes automatically each time the client uses NetBank to add beneficiaries and make one-off payments."
Gericke says all banking transactions are accompanied by varying degrees of risk, yet Internet banking remains a safe and convenient banking channel, provided the necessary precautions are observed. "Should any client suffer a loss due to Nedbank`s negligence, the client will be reimbursed," he says.
Roland le Seuer, head of Internet banking at First National Bank (FNB), says the bank will investigate and if necessary, lay charges against anyone who tries to use illegal means to obtain client account details and gain access to accounts.
He says two or three people have approached FNB in the past 18 months claiming they could access these accounts, "but nothing ever came of it".
"We are always reviewing our security systems and we expect to make some announcements in the future," says Le Seuer.
E-banking remains major strategy
A banking analyst with a major Johannesburg stock-broking firm says that despite all the fuss around concerns about Internet banking, it remains a major strategy for all the major commercial banks.
"The cost benefits of converting clients from physical banking to Internet banking is just too great for the commercial banks not to go that route," he says.
The analyst says that the reported losses to fraud through Internet banking, "remain relatively small, compared to the amounts transacted on a daily basis".
The banking analyst says: "The question of banking security on the Internet and in the physical sense will always need to be upgraded constantly by the banks, and they are aware of that. Whenever a loophole appears, they will have to close it."
Share
