09 February 2016

US small businesses ditch banks over online fraud

06 August 2012  |  7272 views  |  5 biometric  face pointer

Around three quarters of small and medium-sized businesses (SMBs) in the US have fallen victim to online banking fraud and many are ditching their provider as a result, according to research from Guardian Analytics and Ponemon Institute.

A survey of 998 SMBs shows that 54% now use mobile devices to access online banking, up from 23% in 2010. Meanwhile, the proportion doing all business banking online has more than doubled from nine per cent two years ago to 20%.

The use of electronic channels is popular with crooks as well as businesses: 74% of SMBs quizzed have been hit be electronic banking fraud, 52% in the past year. Just under three quarters of these online fraud attacks result in the successful transfer of money and, despite efforts by financial institutions to recover funds, 61% result in lost money.

Reimbursement of losses varies - in some cases the business takes the full hit, in some instances it is shared, and in a quarter, banks pay out fully.

A big majority - 72% - of respondents hold their financial institution primarily accountable for ensuring that their online bank account is secure. However, only 43% say their provider takes appropriate action to limit risky transactions.

This means that when fraud does happen, it costs banks business: 56% of SMBs indicate that it would take only one successful attack to lose confidence in their financial institution's ability to provide adequate security. Around 40% have taken some, or all, of their business elsewhere.

Terry Austin, CEO, Guardian Analytics. "The Ponemon Institute's study clearly outlines the strategic impact that fraud has on a financial institution - lost profits and lost customers. Further, recent court cases have sided with businesses when it comes to fraud liability, emphasizing financial institutions need sound practices and security to protect customers from account takeover attacks."

Comments: (5)

Mark Sitkowski - Design Simulation Systems Ltd - Melbourne | 07 August, 2012, 07:47

I'm not surprised. The banks (all except two, in the U.S) keep conincing themselves that their old-fashioned authentication methods are 'adequate' and refusing to look at modern methods of fraud-proofing their online transactions. The main enemies are trojan horse type malware, which sits on the user's PC and reports back to its owner on every keystroke typed during an online banking transaction which, alas, is a user ID and password, and spy cameras (if the user is irresponsible enough to use an internet cafe). An authentication method which is proof against both of the above is described at www.designsim.com.au and is rapidly being taken up by banks in Europe and the U.S.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 07 August, 2012, 14:29

74% Hit, 75% Success, 61% Loss => 33.85% (0.74*0.75*0.61) of all online transactions have resulted in loss of money due to fraud. How come only 3 lawsuits? 

With almost 1 in 3 comprised transactions, it's apparent that virtually every bank is affected by online fraud. So, how does an affected customer decide which bank to switch to?

While the quote by the CEO of Guardian Analytics in this article advises banks to improve their security measures, the same company's blog post states that the bank in question (Ocean Bank) had fraud monitoring technology but didn't use it to monitor the said transactions of the customer (PATCO). Was it because the technology suffered from so much false-positives that revenue losses arising from wrongly blocked genuine transactions far exceeded any fraud losses arising from wrongly permitted fraudulent transactions? Furthermore, what can all the technology do when millions of customers hand over their Internet Banking credentials to Mint and other P2FMs?

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Jan-Olof Brunila - Swedbank - Stockholm | 08 August, 2012, 14:06

Surprising that banks in the USA have not seen the case for buílding up an infrastructure for secure e-banking for themselves. If customers would hold a secure authentication and verification token they would not like to leave to another, unsecure bank. Furthermore the secure e-banking user interface would increase stickyness and thereby customer loyalty. In Scandinavia all banks offer secure customer authentication solutions and these also include transaction verfication procedures. The European Central Bank is now proposing a mandatory two factor customer verification for all internet payment services in Europe in order to protect the important and valuable electronic payments market from fraud and misuse. Such measures will focus fraud to the still unprocteted areas of the world.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Mark Sitkowski - Design Simulation Systems Ltd - Melbourne | 09 August, 2012, 00:04

@Jan-Olaf: Here's an interesting coincidence. Our site was hit by an attack from Sweden last night, (which is still continuing as I write) which launched 23,000 probes before the firewalls caught it. Attackng machine name is h92n5-m-sp-gr1.ias.bredband.telia.com.

I've extracted details of the first 10,000 of these probes into a file, to help other potential victims secure those areas.
 Get it from www.designsim.com.au/hacker.txt

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 23 August, 2012, 14:36

In its recently published article titled Finding a Reasonable Definition of Commercially Reasonable, the Federal Reserve Bank of Atlanta reports
400 reported cases of corporate account takeovers involving the attempted theft of $255 million, resulting in actual losses of approximately $85 million. These are nowhere near the highly scary figures reported by the Guardian Analytics and Ponemon Institute research.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related blogs

Create a blog about this story (membership required)

Related stories

17 July, 2012
26 June, 2012
20 June, 2012
03 August, 2011
04 April, 2011

Top topics

Most viewed Most shared
Fintech rising: Resistance is futile, says...
11735 views comments | 51 tweets | 44 linkedin
Digital transformation driving earnings at...
10302 views comments | 48 tweets | 40 linkedin
Visa opens up to developers
8318 views comments | 23 tweets | 41 linkedin
European mobile banking service Pocopay go...
7075 views comments | 24 tweets | 14 linkedin
It may take ten years, but blockchain tech...
7029 views comments | 22 tweets | 19 linkedin

Featured job

Competitive Package
New York City, NY. USA

Find your next job