AusCERT2012: Measuring ROI in fighting bank fraud

Powered by SC Magazine
 

Australia's online fraud rates don't always justify the investment

Australia's leading banks tend to spend more on IT security projects than what they have recorded in fraud losses, according to a banking security specialist, if only to provide a superior service to customers.

Jake Lambert, technical account manager at authentication vendor Vasco, told SC Magazine that Australia enjoys a relatively low level of online banking fraud compared with other advanced economies.

"The rate of online banking fraud is considerably higher in Europe and the rate of growth around the world is considerably higher again," he said.

Complete coverage of AusCERT 2012

Banks in Europe can therefore make a case to upgrade to each new generation of IT security products in clear ROI (return on investment) terms. Each investment, spread across many millions of customers, cost less than the dollar value of fraud the technologies have proven to prevent.

It's far more difficult for an Australian bank to make such a clear-cut case.

"Today the reality is that it can cost more to enable the solutions than what is being compromised via the fraud," Lambert said.

His assertion begs the question – why do some of Australia's banks continue to invest in the latest security technologies when ROI is so difficult to calculate?

Thankfully for customers, the new investments continue to keep Australia a difficult target for global fraudsters.

But Lambert argues that there is more to it than simply being proactive. The more technology-savvy of Australia's banks – The Commonwealth Bank, as a prime example, have managed to "productise" security or found a way to market it for competitive edge.

Business banking customers may choose to upgrade account options to gain better protections, Lambert noted. Equally a bank might use the introduction of the latest and greatest security tools to reinforce a message to its customers - both of its role as an innovator and as a trusted business partner.

Again, it is hard to generate a clear ROI case, but over time it is expected that such investments generate customer loyalty and higher margins.

In any case, Lambert doesn't expect Australia to get off so lightly in the future.

"In two years we'll be where Europe is today on rates of online fraud," he warned.

"Our isolation – and to some degree our culture - has helped us thus far," he said. "Criminals will always focus their activity on where there is most to gain, so a market of several hundred million users is more lucrative to a cybercriminal than a nation of 20 million.

"But increasingly we are on the map, as our economy is globally recognised as doing well. And as the population of Australia increases, you can expect attacks will increase."

Lambert predicts that eventually the Australian Government will mimic some of its international peers and mandate two-factor authentication for online banking transactions.

Copyright © SC Magazine, Australia


AusCERT2012: Measuring ROI in fighting bank fraud
 
 
 
Top Stories
NBN Co names first 140 FTTN sites
National trial extended.
 
Cloud, big data propel bank CISOs into the boardroom
And this time, they are welcome.
 
Photos: A tour of CommBank's new innovation lab
Oculus Rift, Kinect and more.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  23%
 
End user computing (desktops, mobiles, apps)
  12%
 
Software development
  27%
TOTAL VOTES: 225

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  63%
 
No
  37%
TOTAL VOTES: 67

Vote