funsec mailing list archives

NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases

From: "Fergie" <fergdawg () netzero net>
Date: Wed, 27 Jun 2007 17:02:58 GMT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dave Jevans: Where ever you are, you owe me a beer. I told you that
the liability issues would start to shift more towards the consumer
to prove they are not at fault.

And it _will_ get worse. Bet on it.

Via Computerworld.co.nz.

[snip]

Banks are seeking access to customer PCs used for online banking
transactions to verify whether they have enough security protection.

Under the terms of a new banking Code of Practice, banks may request access
in the event of a disputed transaction to see if security protection in is
place and up to date.

The code, issued by the Bankers Association last week after lengthy
drafting and consultation, now has a new section dealing with internet
banking.

Liability for any loss resulting from unauthorised internet banking
transactions rests with the customer if they have used a computer or
device that does not have appropriate protective software and operating
system installed and up-to-date, [or] failed to take reasonable steps to
ensure that the protective systems, such as virus scanning, firewall,
antispyware, operating system and anti-spam software on [the] computer, are
up-to-date.

The code also adds: We reserve the right to request access to your
computer or device in order to verify that you have taken all reasonable
steps to protect your computer or device and safeguard your secure
information in accordance with this code.

If you refuse our request for access then we may refuse your claim.

[snip]

More here:
http://computerworld.co.nz/news.nsf/news/FDA3CE33D73B5B82CC257302000B0EE8

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)

wj8DBQFGgpg9q1pz9mNUZTMRApWTAJ9pjNomy2oQjbldjFGEHg2gH0g18wCg4cb9
1pHQpoXboGgztQoo566EC2A=
=MFlr
-----END PGP SIGNATURE-----



--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Fergie (Jun 27)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases B.K. DeLong (Jun 27)
  - Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 27)
    - Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Blue Boar (Jun 27)
    - Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Jim Murray (Jun 28)
    - Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Gadi Evron (Jun 28)
    - Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Nick FitzGerald (Jun 28)
    - Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Bill Weiss (Jun 28)
    - Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 28)
- Message not available
  - Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 27)
    - Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Valdis . Kletnieks (Jun 27)

(Thread continues...)