Bankers and law enforcement authorities predict a near boom in Internet banking services fraud. Experts see several reasons behind this trend – flaws in Russia’s legal framework, inefficient anti-fraud efforts, and Internet users simply being insufficiently computer savvy.
MORE DEFRAUDERS, LESS PUNISHMENTS
An officer of the Interior Ministry’s Cyber Crime Division stresses that there is a direct relation between the growth of Internet users and the increasing banking services fraud. “As more people connect to the Internet, online crimes continue to grow,” he says.
From his point of view these crimes are mostly committed by young people out of sheer curiosity. The members of criminal groups frequently do not know each other personally or even each others’ real names.
However, bankers are more anxious about other issues.
“First, these criminals do not feel the inevitability of punishment, as serious prosecution against them is all too rare today,” PSB IT Security Department executive Ivan Yanson says.
Moreover, investigations often drag out because the victim may live in one location, the bank server involved in the fraudulent transaction may be located in another, and the offender may withdraw the funds fraudulently in a third faraway location, according to experts.
Meanwhile, Uralsib Compliance Methods Department head Alexei Timoshkin is confident the biggest wave of Internet banking services fraud is still ahead. The more banking services are offered on the Internet, the more crimes are destined to occur.
PROBLEMS AND SOLUTIONS
Protection against unauthorized payments has become increasingly problematic as of late. “Unauthorized payments are possible by attacking secret e-mail keys or controlling them at a distance, or by falsifying payment instructions,” Yanson says. “These threats require different means of protection.”
The most complex way to commit such acts of fraud is to falsify a payment order. However, although special devices can be used to protect against such activities and are already offered on the market, they are not used broadly due to their relatively high price tag, he stresses.
Other measures may include monitoring payments for potentially suspicious transactions and informing customers about safe ways to use online banking.
At the same time, VTB24 bank now uses scratch cards with one-off codes to remotely authenticate and confirm customer operations. As an alternative, customers are offered multilevel security systems using cutting edge cryptographic protocols and algorithms.
However, the biggest problem facing online banking today is that these criminals are constantly inventing new ways to defraud customers and 100-percent protection just cannot be guaranteed, Russian Microfinance Center President Mikhail Mamut believes.
Most experts believe that these offenders largely capitalize on Internet users simply paying too little attention to their online activities.
VTB24 recommends regularly checking personal computers for viruses and never entering any data other than a unique client number, a login and a password.
Regional Banks Association Vice President Oleg Ivanov believes that the Criminal Code should first be improved to combat fraud more efficiently.
“Article 187 on the production or distribution of forged credit or pay cards and other payment documents does not work and hardly anyone has ever been prosecuted based on this provision,” he says.
Yanson adds that lawmakers have yet to determine the security standards to be observed by banks while rendering online client services.
The national payment system law will soon enact such standards, but they will only apply to banks and not to remote banking system developers, Yanson underscores.