Dutch banks agree new rules on Internet fraud

Dutch banks agree new rules on Internet fraud

Beginning in January 2014, Dutch consumers who fall victim to phishing frauds on their accounts will need to prove that they followed five key security guidelines in order to have stolen funds reimbursed.

The new rules have been agreed by the Dutch Bankers Association (NVB) in tandem with the national consumers union. The code of conduct is designed to provide a policy framework for banks to follow when investigating cases of Internet fraud on consumer accounts.

The NVB says better education of consumers has reduced the value of losses to customers from phishing attacks and malware from EUR24.8 million in the first six months of 2012 to EUR4.2 million in the first half of this year.

Previously, banks have been free to adopt their own rules when deciding whether to reimburse customer losses from cyberfraud. Under the uniform code, consumers will be guaranteed a refund so long as they can demonstrate that they kept their PINs secure and did not loan out their card to third parties. Anti-virus software on consumer PCs is also a prerequisite, as is evidence that the customer maintained regular checks on their account balance and reported incidents immediately.

Comments: (8)

A Finextra member
A Finextra member 25 November, 2013, 15:45Be the first to give this comment the thumbs up 0 likes

And those five key security guidelines are?..

A Finextra member
A Finextra member 25 November, 2013, 17:11Be the first to give this comment the thumbs up 0 likes

Seems the five guidelines are in the article:

Under the uniform code, consumers will be guaranteed a refund so long as they can demonstrate

1. that they kept their PINs secure and,

2. did not loan out their card to third parties.

3. Anti-virus software on consumer PCs is also a prerequisite, as is

4. evidence that the customer maintained regular checks on their account balance and

5. reported incidents immediately.

Might be farily hard to objectively "demonstrate" all the above.

Wonder how Dutch banks will satisfy themselves this was all done by a consumer?

Russell Bell
Russell Bell - Fastbase Ltd - Wellington 26 November, 2013, 05:03Be the first to give this comment the thumbs up 0 likes

If banks really did implement standardised rules for reimbursement they'd leave themselves open to false claims, claims that are themselves fraudulent.  Surely banks will find a way to continue to exercise discretion.  Fuzzy rules and inconsistency between banks may be frustrating for customers but is there really an alternative ?

A Finextra member
A Finextra member 26 November, 2013, 10:05Be the first to give this comment the thumbs up 0 likes

So presumably no more banking on a tablet, phone or mac, or PC running something like Linux?

"3. Anti-virus software on consumer PCs is also a prerequisite"

 

A Finextra member
A Finextra member 27 November, 2013, 08:55Be the first to give this comment the thumbs up 0 likes

If those are really the guidelines, they really do undermine mobile banking. 

A Finextra member
A Finextra member 27 November, 2013, 09:17Be the first to give this comment the thumbs up 0 likes

I have had anti-virus on my mobile (Avast), tablet (Lookout) and Linux laptop (Clam AV) for years. I know Macs have antivirus too. What's the problem with this?

A Finextra member
A Finextra member 27 November, 2013, 09:32Be the first to give this comment the thumbs up 0 likes

The problem is with "secure". If I have an anti-virus s/w that failed to work and my PIN got compromised, whose liability is it?

A Finextra member
A Finextra member 27 November, 2013, 10:10Be the first to give this comment the thumbs up 0 likes

The issue is with the language cited in the article with limitation to PCs. If the real wording does not exclude mobile devices, in that case there is no undermining of the mobile banking.

Trending