|
||
Research and retrieval of news articles by: SPECIAL NOTE TO ALL VISITORS: |
FLAWS IN THE SYSTEMSource: ForbesPosted on November 12, 2003 The stories are enough to scare you back to the Stone Age. In February, 8 million VISA ,MasterCard and American Express redit-card numbers were stolen from a server in Omaha, Neb., by ambitious computer hackers. Last month, Romanian cyber-terrorists, reportedly operating out of Internet cafes, were extorting companies and defrauding customers worldwide. Black-market brokers are mingling in chat rooms selling stolen credit-card numbers to the highest bidder. No wonder that fear of online fraud and identity theft are soaring. Forrester Research said in September that consumer confidence in online credit-card security has eroded in the past few years. In a survey of 39,000 Internet users, nearly one-third were pessimistic about Internet security -- an all-time high. The fear is warranted. The U.S. Federal Trade Commission says identity theft affected nearly 10 million Americans in 2002, costing the economy almost $50 billion. "Online fraud and identity theft are real problems with real risks," says Ariana-Michele Moore, an analyst with Boston-based research group Celent Communications. Moore says that by 2006, 25% of all identity theft will be committed with information found online, up from less than 5% in 1998. The FTC does not break down identity theft into online versus offline. Moore doesn't think the heightened fears will stop the $100 billion Internet economy dead in its tracks. "Those who are already shopping online fully understand the risks and, for the most part, are taking the proper steps to protect themselves," she says. "These consumers won't stop using the Internet to shop." Still, Michael Weider , chairman of a software company called Watchfire , says that the growth of online banking might be even higher than the projected compounded rate of 14% if people were not so concerned. Gregory Garcia , vice president of information security at the Information Technology Association of America (ITAA), cautions, "As more and more people go online to shop, bank and do other transactions, there are certainly more and more criminals turning to the Internet." Hoping to curtail the problem before it grows out of control, the Arlington, Va.-based ITAA recently assembled some of the biggest players in business to form the Coalition on Online Identity Theft. Amazon.com, eBay, Microsoft and VISA have all signed on to share information, educate the public and push for aggressive laws aimed at squashing Internet fraudsters. Most companies involved with the coalition won't talk about specific fraud safeguards they have in place. The reason: They're afraid of tempting the hackers to do more. Fighting hackers and fraudsters has spawned cottage industries. One company attempting to make the Internet safer for business is VeriSign of Mountain View, Calif. One-quarter of all online payments processed in North America go through VeriSign, which had sales of $1.2 billion in 2002. Another firm trying to protect Internet businesses from fraudsters is CyberSource , which designs software that screens transactions for possible fraud. The company screens over $9 billion in online transactions every year for companies including Home Depot, Wal-Mart and Nike. "Large Internet merchants, by the definition of their brand, have an easier time creating an image of trust on the Web," says Steven Klebe , CyberSource's vice president of strategic alliances. "But smaller Internet merchants with no name recognition need to establish trust with their potential customers." It's not just small companies that need to make sure they're protecting privacy and security. According to a study co-sponsored by IBM and Watchfire, 66% of the largest financial-services firms don't have the proper policies in place to protect customer's data, and many don't follow their own stated privacy policies. CyberSource helps companies to "fraud scrub" their transactions to analyze hundreds of data points during a transaction. PC Mall , a $900 million online computer store, says it caught and canceled about $7.7 million in fraudulent orders using CyberSource. (It still lost $500,000 in fraudulent transactions). One downside to fraud screening is the potential of turning away legitimate customers. "There are a number of other factors Internet companies will look at when trying to determine fraud," says Celent's Moore. "For example, if they think someone might be committing fraud, they'll look at the size and margin of the transaction. A company is more likely to turn down a $10, low-margin transaction than a high-margin, lucrative sale." Other companies offer alternative payment methods to ease customers' fears. Continental Airlines recently said it would use privately held I4 Commerce's "Bill Me Later" program. Under it, a user buys goods online and has an invoice sent to his or her house, instead of giving up a credit-card number. Scott Stachowiak, a director of business planning for Continental, says the airline loses about $1 million a year to online fraud. That's a rounding error to Continental's $8.5 billion in annual sales, but he says giving weary customers a payment alternative makes good business sense. Despite the efforts of security and alternative payments firms as well as the efforts of the ITAA, Moore says that fraud can only be contained, not eradicated. "Fraud is always evolving," Moore says. "There will be new kinds of fraud. The issues we are faced with today will not be there in the future, but there will be new ones. We'll never eliminate online fraud, because too many people make a career of it."
E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes. |
ALERT WebTrust Is Your Best Defense Against Privacy Breaches. Get WebTrust Working For Your Site. |