• silicon.com
• Management
• CIO Insights

By silicon.com, 27 March 2006 16:55

It's embarrassing and inconvenient when you're trying to pay for something in a shop, and the till queries the authenticity of your credit card.

It may not happen often but it takes what seems like hours to talk by phone to someone in an overseas call centre to verify that, yes, you want to make that particular purchase - even if it's something you wouldn't usually buy or you're buying it in an unusual location.

All this because a computer has told the till there is something unusual in your buying behaviour.

Nevertheless, this is a security measure and as grim as it is, the procedure is there to attempt to ensure that no one is misbehaving with your bank account.

Barclays Bank has announced it's doing similar fraud checks for online transactions. By looking at the behaviour of customers who move money and buy things over the internet, the bank believes it can cut the level of fraud.

As with credit card checks, the Barclays system builds 'profiles' of its customers' spending habits, then matches each transaction with what a given customer usually buys, and if something smells fishy, the system blows a whistle.

Although there are always questions over just how much information is being collected on customers, it's not a bad idea. At least it's a start.

Other banks such as Alliance and Leicester and Lloyds TSB have talked big about moving to two-factor authentication - a security scheme usually defined as 'something you have and something you hold'. But what is everyone else doing now?

Surely now that some banks have made the effort to reassure the public about fraud, the clock is ticking for the rest to join in.

Banks are finally starting to get the point - they are trying to solve the problem of online fraud. This is to be applauded - but they need to move fast as fraud accounts for millions if not billions of pounds in losses each year. And this is only going to get worst if the fraudsters are not thwarted.