[5353] in cryptography@c2.net mail archive
IP: Security of on-line banking studied
daemon@ATHENA.MIT.EDU (Robert Hettinga)
Wed Aug 4 15:52:59 1999
Date: Wed, 4 Aug 1999 13:00:38 -0400
To: cryptography@c2.net
From: Robert Hettinga <rah@shipwright.com>
--- begin forwarded text
From: believer@telepath.com
Date: Wed, 04 Aug 1999 11:10:49 -0500
To: ignition-point@precision-d.com
Subject: IP: Security of on-line banking studied
Cc: mcdonald@networkusa.org
Sender: $SENDER@precision-d.com
Reply-To: believer@telepath.com
Source: Washington Times
http://www.WashTimes.com/business/business2.html
Security of on-line banking studied
By Julie Hyman
THE WASHINGTON TIMES
Congressional investigators said yesterday that the 6 million
Americans who bank on line may be getting convenience
at the expense of security.
According to the General Accounting Office, 44 percent of
banks, thrifts and credit unions it surveyed have not enacted
strict enough measures to keep their computer systems safe
from hackers.
The report was released at a hearing of the House banking
subcommittee on monetary policy. Lawmakers shied away from
suggesting regulation as a solution to on-line banking security, but
said both banks and consumers must address the risks.
"We don't want to overregulate the activity to the point that
we unduly dampen it or retard its growth," said Rep. Spencer
Bachus, Alabama Republican. "At the same time, the public has
the right to safety and soundness in Internet banking, so we can't
walk away from it."
Consumers who bank over the Internet use Web sites to
transfer money between accounts, pay bills, check account or
investment balances and apply for loans.
The GAO report concluded that Internet banking is by nature
riskier than conventional banking. Its review of banking
regulators' examinations of 81 financial institutions found that 35
of them, about 44 percent, hadn't taken all the risk-limiting steps
regulators have said are needed.
Mr. Bachus said Internet banking is projected to grow 20 to
25 percent by 2004, making it necessary to be vigilant about
hackers.
"All the banking representatives agreed that we need to
prosecute [hackers who break into on-line accounts] and we
need to publicize it."
He noted that the hearing was just the first stage in a
congressional look at on-line banking that could help increase
Internet security before consumer use explodes.
The study also said that in some cases, on-line banking
operations were begun at companies without the approval of
boards of directors or chief executive officers. If problems arise,
the report cautions, senior management will not have the
foreknowledge to deal with them.
The banking community is responding to the challenges of
on-line banking. The Financial Services Roundtable, a District of
Columbia trade group, formed a technology division in 1996 to
foster the development of Internet banking and to test
electronic-security measures.
But Catherine A. Allen, the division's CEO, said banks alone
cannot ensure security.
"We would like to emphasize that security is a shared
activity," she said at the hearing. Consumers should be aware of
risk, and should choose on-line banks that are insured by the
Federal Deposit Insurance Corporation, she said.
John Hall, an American Bankers Association spokesman, said
that the bottom line of banking, whether it be on-line or the more
traditional, in-person fashion, is trust.
"The banks' No. 1 attribute they sell is trust. Their customers
have to feel completely comfortable that they are secure."
For that reason, he said, the banking industry is vigorously
pursuing security measures.
Even with the explosive growth of electronic commerce and
on-line investing, most consumers are still somewhat hesitant
about conducting financial transactions on the Internet, and even
more so when it comes to managing their finances.
According to a June report by investment firm Goldman
Sachs, only about 4 percent of U.S. households currently use
on-line banking products.
This article is based in part on wire service reports.
Copyright © 1999 News World Communications, Inc.
**********************************************
To subscribe or unsubscribe, email:
majordomo@precision-d.com
with the message:
(un)subscribe ignition-point email@address
**********************************************
<www.telepath.com/believer>
**********************************************
--- end forwarded text
-----------------
Robert A. Hettinga <mailto: rah@ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
