The House of Lords has suggested that not enough is being done to safeguard the public against cyber crime.

 

A review of the Personal Internet Security Report has put further pressure on the government to make the internet safer. Although some moves were welcomed, such as the establishment of a specialised e-crime police unit, the government was criticised for not pushing through include the passing of legislation to ensure banks take responsibility for losses incurred by electronic fraud.

Phil Hickman, chairman of ValidSoft, said: “Traditional security provisions employed online have been shown time and time again to be ineffective at protecting users from the threats presented by advanced fraudulent techniques. Authentication techniques used by financial institutions, for example, have so far proved unsuccessful at preventing identity theft and electronic fraud.

 

“Defence techniques currently used are simply not sophisticated enough to counter Man-in-the-Middle/Man-in-the-Browser attacks or information stealing techniques like phishing. This is not to say there are no alternative solutions to this problem.

 

“Rather than issuing customers with PIN generators or imposing increasingly invasive or complicated authentication systems there are other more elegant and cost effective solutions to this problem.

 

“Some financial institutions have trialled systems using automated Identity and Transaction Verification systems that enable users of mobile and fixed line phones and other wireless devices to access secure services over electronic channels without having to carry a separate physical security token or having to use a nominated PC.

 

“Organisation's reluctance to change systems permanently has shown that legislation may be necessary to ensure that they take responsibility for the security of customers.”