Site icon IT World Canada

Online fraud threatens e-commerce

According to the IDC Continuum 2003 Survey, investment in e-commerce applications is a top prioritiy. However, the occurrence of online fraud could throw a spanner in the works.

Over the past few years, there have been cases of Web sites or e-mail created by hackers to spoof or mimic legitimate entities in order to commit identity theft. Consumers have been caught unaware and divulge their identity or authentication information to these fraudsters. Sometimes, these consumers find their personal information being used to perpetrate Internet theft or other forms of fraud.

This year in the United States, Citibank NA, a division of the New York-based Citigroup, warned its customers to immediately delete a scam e-mail asking them to provide their user names and the first four digits of their bank cards.

The e-mail, which appeared to come from Citibank with the subject “Your Checking Account at Citibank,” warned bank customers that their checking accounts could be blocked if they did not provide their user information.

Citibank worked with law enforcement officials to locate the source of the fraudulent e-mail and has published a list of precautionary steps on its Web site to help customers avoid problems with unsolicited junk e-mail. It also urged customers who receive suspicious online mail to alert company officials.

The Citibank case was an example of “phishing,” or official-looking messages telling recipients that, for technical reasons, billing information and identity data, such as social security numbers, had to be submitted for their accounts.

How banks respond to these threats, and the opportunities presented by a shift of customer interactions to the Web, will determine their relevance in the future, according to IDC. As online interactions move beyond simple transactional and informational services, customers will become more reliant on the Web and banks will have to work harder at turning these online interactions into meaningful, revenue-generating activities.

Locally, Citibank has been frequently educating its customers through constant reminders and inundates the customers with information to prevent frauds. To reduce the chance of spoofing, Citibank came up with the Online Authorization Code (OAC) aimed at further enhancing the security of online transactions.

Whenever a customer sets up a new payee for an online funds transfer or payment, a six-digit OAC code will be generated instantly for the customer to activate the new payee, before transfer or payment can be made to this new payee.

Citibank also provide new features whereby customers can be informed of their OAC through short message service (SMS) besides the regular e-mail, self-service phone banking and post. The consumer simply selects the SMS option when adding a new payee.

Visa has launched its “Verified by Visa” program aimed at giving both the users and the merchants more confidence in online commerce. Verified by Visa aims to enhance existing Visa Card with a personal password of the customer’s choice.

When shopping at participating online stores, customers will enter their password in the same way they would enter their PIN at an ATM without the need to install any specialized software.

The specialized software is installed on the online merchants’ side where Visa will provide a software plug-in for the merchants’ own processing servers, allowing integration with merchants’ legacy systems. After a Visa cardholder enters his Visa Card number on the payment page, the Merchant Plug-In on the processor connects with his Visa Card Issuer (the issuing bank) to check if his Card is secured with Verified by Visa.

Verified by Visa uses secured socket layer (SSL), but adds the important security function of confirming the identity of the Visa cardholder, creating a virtual “card present” environment. It is this important additional function that enables Visa Card Issuers to provide business with guaranteed payment.

The Visa Card Issuer initiates a Verified by Visa pop-up window on the Cardholder’s computer screen. The customer then enters his password and his issuer confirms the Cardholder’s identity back to the online merchant. At which point, the merchant would have authenticated the cardholder and can process the order.

However, according to a spokesperson from Visa, there are few customers using the Verified by Visa system. The focus is still on attracting merchants into the program, as there are still not enough merchants to attract users to sign on as of the moment.

“It is a chicken and egg problem,” explained the spokesperson. Presently, there are only 21 organizations that have implemented “Verified by Visa” on their Web sites locally.

In a recent survey on Asia Pacific e-banking consumers, IDC found that Internet banking adoption has reached a point where the fundamentals of retail service delivery are being altered.

IDC conducted an eight-country household survey of urban Internet users, which provided a comparative look at how customers interacted with their bank and the range of services they performed through the Internet channel.

According to the survey, customers were going online at a breakneck pace and were increasing the range of services they performed online.

The Web, in the eyes of many customers, is the bank. It influences them on everything from product selection to perception of customer service and trust. Banks must focus more on resources, not simply on developing the Web, but also on integrating it with the offline sales and marketing channels, so as to capitalize on growing customer acceptance according to IDC.

Another finding from the survey is that Internet banking users are richer and better educated than their offline peers, with a large percentage of older customers above 40 banking online. Active users are significantly reducing their branch visits, but also admit to taking a more active role in their financial lives. A growing group of users cites the Web as the key reason for purchasing more financial products and services, indicating that it now plays an important role in the decision-making process.

The majority of customers use the Web to conduct a similar range of simple transactions, but there is a change in the types of transactions conducted online. Comfort levels vary across country, but it is becoming clear that some customers use the Web as their primary channel for a growing range of services.

Restrictions on the number of branches and ATM access make the Web vitally important to international players, and its growing popularity works in favour of these players, as they have been forced to become more creative as a result of these restrictions. More importantly, research has shown that a growing number of potentially high-value “mass affluent” customers are migrating online and have consequently reduced their branch visits.

Even in heavily penetrated markets, usage continues to grow. Only a handful of institutions have actively devised strategies and created tools to bring online customers into profitable banking relationships. To be sure, it will require serious effort and experimentation to find the right approach, but this must be done if institutions want to remain relevant in their online customer’s lives.

Exit mobile version