Recent data breaches should not cause businesses to lose faith in Internet banking, which remains as secure a banking channel as any other, whether an ATM, a brick-and-mortar branch or a telephone.
The latest, most comprehensive research, conducted via phone among 4,000 consumers by Javelin Strategy & Research, shows that identity theft is more prevalent through printed records offline than online and that Internet-related fraud is generally less costly than paper-related fraud. The study also found that people believe Internet-related fraud is more widespread than it actually is.
Other findings showed that lost or stolen wallets or checkbooks are the most commonly used tools for committing fraud; computer crimes accounted for just 11.6 percent of all known-cause identity fraud in 2004, and half of those cases were from spyware; and half of all identity-fraud cases are committed by friends, family or other close acquaintances.
The survey also found that most identity-fraud crimes are self-detected. It follows that active monitoring through electronic reviews of transactions, statements and credit reports—without waiting for a paper bill or statement—can be invaluable in detecting crime. Still, online fraud remains a risk. What can businesses do?
For starters, assess your financial institutions. There is quite a difference in the way security measures are implemented across the industry. At Wells Fargo, weve required our corporate customers to use two-factor authentication for any monetary transaction since we rolled out our online corporate business portal, the Commercial Electronic Office, five years ago.
Consider the following factors in rating a banks commitment to guarding accounts. Data centers should be protected with up-to-date technology that includes extensive firewalls and SSL (Secure Sockets Layer) encryption for data communications between customers and banks. All transactions should be monitored 24-by-7 to flag unauthorized events and to ensure data integrity. Data centers should be unmarked, dispersed geographically and protected by extensive physical security. Access to private data should be restricted to authorized people, and sensitive data on employees computers should be encrypted automatically.
Although monitoring accounts for suspicious activity is important, more important still is actually preventing fraud. Fraudsters are growing bolder and more sophisticated. New risks include requests for personal data online via e-mail or unsecured Web sites, e-mail attachments from unknown sources, and pop-up windows offering software that will "help" you but which may steal your data.
Staying ahead of fraudsters requires effective law enforcement, consumer vigilance and technological advancement. Our customers trust us—the financial services sector—to safeguard their accounts and financial data. We must honor that trust by investing in the highest standards of security and safety. ´
Steve Ellis is executive vice president of wholesale services at Wells Fargo & Co. and chairman of NACHA-The Electronics Payments Association.
Check out eWEEK.coms for the latest news, views and analysis on financial applications and services for the enterprise and small businesses.