/ Money, Technology

Should banks refund victims of online fraud?

Sir Bernard Hogan-Howe

The Times reports that Met Police Commissioner Sir Bernard Hogan-Howe has said victims of online fraud should no longer be refunded by banks if they fail to protect themselves.

With online fraud increasing, this is an astonishingly misjudged proposal from the Met Police Commissioner.

Sir Bernard on bank fraud

The front page of The Times reports that Sir Bernard Hogan-Howe said:

‘If you are continually rewarded for bad behaviour you will probably continue to do it but if the obverse is true you might consider changing behaviour. To be fair to the banks, if one says they’ll do it and the others don’t that’s a competitive advantage.

‘The system is not incentivising you to protect yourself. If someone said to you, “If you’ve not updated your software I will give you half back”, you would do it.’

However, the priority should be for banks to better protect their customers, rather than trying to shift blame on to the victims of fraud.

Reimburse fraud victims

Of course, it’s vital to educate consumers about how to avoid fraud, but suggesting that banks could make people more security-conscious by refusing to reimburse fraud victims risks sending the wrong signal about the banks’ own crucial role in preventing crime.

We know that scammers are using increasingly sophisticated techniques to defraud people out of their money, in many cases beyond the control of consumers.

We believe that banks should be doing more to improve their security processes and systems, share their intelligence to prevent fraudulent activity, and support their customers when they fall victim to crime.

Banks inconsistent with fraud

In September 2015, we found that banks were inconsistent when dealing with fraud. A Freedom of Information request revealed that the Financial Ombudsman Service uphold around one in four complaints relating to fraud and disputed transactions in favour of the customer, stating that in many cases banks have based their decisions ‘on a hunch’, without conducting a full investigation.

The Met has since clarified Sir Bernard’s comments, saying that he also agrees banks need to consider investing more in their security systems. However, if banks did not have to reimburse victims, what incentive would they have to protect their customers from fraud in the first place?

Should banks reimburse victims of online fraud?

Yes (97%, 28,600 Votes)

No (1%, 424 Votes)

Don't know (1%, 403 Votes)

Total Voters: 29,427

Loading ... Loading ...
Dawn Varma says:
27 March 2016

Yes we need to play our part but we are amateurs battling professional crooks.

sophieanne says:
27 March 2016

The bank offers online protection, if this does not work, they must pay out.
If the consumer does not down load the banks security, then they are leaving themselves open to fraud.
It is a two way street, why not use the banks protection, which in turn protects you to a greater degree.

PaulD says:
27 March 2016

Please think about this? (computers are here), we use them more to do most of our transaction online, banking, shopping, emailing, working and socializing we want to protect all that we do online!

We all Know “Fraud” is a crime, (we should be protected/insured) by Government police Banks business and ISPs.
Fraud is made up of different ways to trick honest people out of their cash. It prays on the old young and sometime clever, it tricks people into giving details that can be used later.

Instead of removing the compensation this should be backed up with a method of shutting down websites that insight fraud or any other crime against people, no one person should lose their hard earn cash.
This won’t go away, it won’t get better, we can’t ignore it we have to fight it.

Apologies I have double-posted as the original post appears nowhere near the end of this thread in order of time. My apologies.

“Should banks refund victims of online fraud?”
Should an Executive Director of Which?, owned by the member’s charity the Consumers’ Association, be more thoughtful in polling the public?
“Should banks reimburse victims of online fraud?
Yes (97%, 26,313 Votes)
No (1%, 396 Votes)
Don’t know (1%, 337 Votes)
Total Voters: 27,046”
The question is roughly on the same basis as “Should people be paid a fair wage?” you are going to get an automatic yes vote. However that does not actually take us very far in solving the problem of what is a fair wage, or what “fraud” is a a genuine one, or in fact how complicit are Banks in helping fraudsters.
For example three weeks ago the BBC Radio 4 demonstrated live on air how to gain control of someones account aided by some absurd Bank actions.
” Two major high street banks will change security procedures after journalists from BBC Radio 4’s You and Yours programme broke into an account online and removed money. Recently bank customers accounts have been successfully attacked by criminals who divert mobile phone accounts.
Criminals persuade phone providers to divert mobile phone numbers in what is sometimes called “SIM swap fraud”.
The guilty parties are the Banks for operating such a slapdash system. One might hope that the Directors of the Bank are called in for a grilling on facilitating fraud on their customers. I have yet to read of this happening.
If WHich? wanted to do something positive perhaps they would like to see what legal charges can be brought against these Banks – the BBC has done the proof for you and the Bnaks have admitted their system was flawed. Seems fairly open and shut.
Compensation for all those caught out so far by this majorly flawed system and fighting the Banks would not go amiss. Perhaps the Met Commissioner should have listened to the BBC.

Just as an aside , and speaking as someone who worked in Banks for over two decades. I do not consider online banking safe or am I particularly fond of cards. Particularly contactless.

Everything designed to reduce banking costs, both old Banks and new Banks, will be promoted a secure and convenient. This will be mainly true until something goes wrong. Will something go wrong? If yuo read The Register and see the number of scams , frauds , and security weaknesses reported each week you to might feel nervous.

I am of the generation that assured customers that four PIN authentication cards were super safe. This was not true but that did not prevent them being rolled out. A thinking person might have wondered whether taking twenty letters from the alphabet would have been smarter as the bright boys had cracked the four number pin over a decade ago.

Just remember to have adequate cash as unlike all the other methods it works when the electricity fails. And its very hard to spend more than you have. If that sounds obvious I would point out Banks make most of their money from customers from charges for being overdrawn and debit interest.

Do you think contactless cards make it easier or more difficult to lose track of expenditure?

Some great advice there DT.

With interest rates as low as they are right now, there is little risk in holding funds as cash.

I used to have a friend who strongly preferred to make all his purchases using cash.

He followed the simple rule that, outwith food and drink, he would never buy any goods unless he could get “something off for cash”.

He always asked “how much for cash” and walked away from traders who would not give even a token discount.

At first glance a four-digit PIN seems to be a weak form of identification. There must be hundreds of thousands of card-holders with identical PIN’s and possibly millions for the easy series like 2468 and similar. But each card also has a unique identity, issuer code and history which all have to reconcile with the holder’s PIN, so it was not such a bad system when first introduced. Now, with sophisticated criminal techniques [affordable because the potential gains are astronomical], the basic credit and debit cards are not perfect but, more to the point, the risks are much higher if card-holders are in any way lax in their own security. In our more casual society, cards are carried openly, they fall out of pockets, they are used to scrape ice off windscreens, they are left on the counter or checkout, the numbers are read out over the phone to unknown call-centres, and so on. For distance selling, the three ‘security’ numbers on the back of cards are usually required [to prove that the purchaser is actually in possession of the card] and these also are read out over the phone; at least with on-line ordering the code numbers are encrypted [don’t deal on sites that don’t have that protection]. The opportunities for fraud have escalated way beyond the banks’ initial imaginings and it is impossible to put the genie back in the bottle now. While the banks have to accept responsibility for fraud perpetrated within [and through the assistance of] their systems, it is a foolish card-holder who does not do all they personally can to protect their own security – if only to avoid the hassle of having to make a claim or having your card account frozen

Keith Peutherer says:
28 March 2016

When was law creation and amendment delegated to the police? This is not part of their function; they should be reminded of the limits of their involvement and influence!

Keith -what you have said is a fundamental Truth and is the Keystone of any really democratic regime ,government or country . It is a Law that shows whether we are really a Free country or just a dictatorship made to look as if it is democratic . It is obvious who he is speaking for and on behalf and it isnt the majority of the British population , this is an extension of “American Speak ” where instead of the government obeying the voice of the people , those in authority but not voted in by the people speak out on behalf of BB and the Banksters expressing a view that the government uses as a means of propaganda to implement legislation that is anti- 99 %.

591160 says:
28 March 2016

Why doesn’t this man retire. He has got so much wrong so many times.

Mary A. says:
28 March 2016

My main concern over this issue is that if banks are compelled to reimburse their unfortunate customers, they might well see an opportunity for reimbursing themselves through imposing /raising bank charges

sandra marshall says:
28 March 2016

Let us all hope that this Commissioners bank account is wiped out by fraud. Then he becomes the victim. This country is too fond of protecting perpetrators of crimes and abuse against the good living public, the victims.
Thank you Which for standing up against appallingly moronic suggestions from a so called senior member of the establishment and judiciary

Judith Mitchell says:
28 March 2016

An average domestic computer users probably buys the computer with security package and then fails to update security software. Surely some education is needed? We belong to a neighbourhood watch network which provides information on the latest scams. It is amazing how complicated these have become and how plausible are those behind them.

Mary Chester Rhind says:
28 March 2016

I have looked through these comments … not all though.
Mr Hogan Howe is a commissioner, not necessarily a trained policeman of rank.
Commissioners are different from police officers in the sense that they manage police business and budget etc …. along with the hiring & firing, they in my experience do not do a policemans job, we have our constables and at the other end of the scale, our chief constable.

The shortest solution would be for all online shopping to be done through the bank owned website as an ‘in house shopping one stop shop’, simply because your ‘plastic’ used for these purchases would either come from a credit house or banking house. The banks system would have a complete money transaction chain & consequentially the onus of responsibility would be the bank & not the customer at all ….. no different then to someone unauthorised withdrawing money from your account held within the bank.

I do not bank at all online, I do not shop online unless there is a contact phone facility because of the ease to commit fraud. However, I would if the banks took the responsibility and made their customer services an ‘in house one stop shop’. I’m certain that the bank insurers would feel better, the crime would be easier to follow in the trail too.

Pierre Caspersz says:
28 March 2016

Every time I read about Sir Bernard, I always end up with the view that our most senior police officer is more on the side of the criminal than on the law-abiding.

It really is time for him to go. Full stop.

skepticscott says:
28 March 2016

One can only hope that some hacker/fraudster targets him and his family, run up massive debts and destroy his credit score, perhaps then he might change his tune.

D. R. MOORTON says:
28 March 2016

l was in Crawley for the week and my card was used in Hastings every other night for fish and chips and l only found out when l got my account in the post and l proved were l was by using the card In Crawley


Another example of fraud caused by inadequate thought in the construction of the lottery operated by Conneticut. The state is irrelevant the true story is the hackability of the systems . Now should anybody from the lottery be jailed for incompetence?

Should players who have had inordinate number of losses feel cheated?

Phil says:
28 March 2016

There no such thing as complete internet security, its impossible to guarantee 100% security online…….PERIOD!! Internet fraud is an constantly evolving beast, if the banks want internet business to reduce their staffing costs, etc then its up to them to keep up with the fraudsters, they have the expertise, they have the resources, the average customer does not and never will have. I don’t bank online because of the risk, despite the current arrangements. but my bank encourages me to do so on a very regular basis. If the emphasis was on the customer it would be a kin to being led into the lions den!! Such an arrangement, if introduced, would, in my opinion, be irresponsible and extremely unfair. We all have enough reasons and incentives to keep our internet security up to date, no one wants to deal with a crashed, slow, spied upon infected computer.

Tony G says:
28 March 2016

I am very surprised that Which have gone for a vote on comments possibly taken out of context. Are we saying that no matter how careless an individual has been they should be compensated?? Think who pays in the end. This is the same mentality as saying that those who abuse their health by smoking,drinking,drugs or food to the excess still deserve to be treated by the NHS thereby taking resources away from them that genuinely need them. Look at any A & E on a Friday and Saturday night and witness what is expected of our NHS through stupidity drink abuse etc. We seem to be encouraging a culture of “I can do whatever I like when I like and to whom I like and someone else can pay”. Yes banks etc can do better in certain areas, but we have to start taking responsibility for ourselves, and the consequences of some our actions and behaviour.

John says:
28 March 2016

In my experience, although banks like to prominently advertise that you are “protected from online fraud” when it comes down to it they will try to fob you off with comments such as “you should have read the Ts & Cs” when in fact the link to the the Ts & Cs were hidden and anyway they were unfair and therefore not legal. Then they tell you it’s your problem. Funny how I seem to remember that when the banks failed it was their customers and tax payers who bailed them out. Double standards from a fat, corrupt and lazy industry! Shurley not, Milord!

alex says:
28 March 2016

what are these people on. i have been scammed once and i got my money back. i have had letters from the bank to say that somehow my mortgage details got lost when they got sent to the government, I am with Talk talk and ever since they got hacked every week i have paypal scam emails, saying that my paypal account is being stopped, has been hacked or is being limited, as i have a business, fraudster think that is my email account is connected to my business , the fact is , i dont even have internet banking, no paypal account , yet i receive cleaning invoices, refund. the problem is nearly everything is on the internet. you can look on facebook, twitter, can do limited company searches, can pay a few quid for someones address and details, its all on the web and then you have people selling you info onto 3rd parties. you can go find anything about anyone on here. its all there and this is why people are getting cloned . i couldnt believe that companies on here sell peoples details, people that probably dont even know that their details are on here. It shouldnt be aloud. im ex directory , yet someone can pay very little for my address etc, and with banks loosing details etc, nothing is private. i for one dont like my details being public. so yes the banks are partly responsible for fraud , so yes they should pay back money. if it happen to a famous person of some one in parliament, or the police then there would be a right hissing fit until it was sorted, they would probably ask for compensation too

Martin says:
28 March 2016

Must have good interest rates. Banks are now paying the police to rip us off. Who is next