It’s interesting to see that the internet banking code lauching tomorrow has been watered down.
I bank with Westpac, and RaboPlus. The online experience for each of these banks couldn’t be more different. Westpac have introduced a ‘red shield’ and an online ‘guardian’.
RaboPlus on the other hand have taken the responsibility to ensure security (for the bank and the customer) by providing each of their customers with a Digipass. This Digipass ensures that only you can access your account…unless you first divulged your account number, then the password to your Digipass, then were able to activate the digipass to input the unique 6-digit code each time you wanted to make a transaction.
If I’m giving a bank my money then I expect them to look after it. That means they need to protect every avenue that a criminal might use to get at my funds. My responsibility should be limited to taking as much care as I can to keep my PIN secure. Other than that the bank protects my money from physical and electronic theft. That’s why I pay fees.
It seems that RaboPlus can protect my money from cyber crime, AND charge me nothing for the privilege, whereas Westpac put the onus almost completely on me and charge me excessive bank fees. Who is doing the better job?
Bad of me to have missed this, apologies for playing catch up and disclosure: I’m Media Relations Manager at Westpac. To explain: our approach is actually more aligned with your stated expectations than you credit. Our Online Banking proposition is based on the bank – Westpac – taking more responsibility for maintaining security than is required by the Code of Banking Practice, and minimising the burden on the customer – in this case, you. We deliberately keep it simple for customers to log in and transact online, backing our investment in internal security measures to limit breaches. We back this approach, with a guarantee that states that if you don’t do anything to contribute to a fraud (such as sharing your password details) we will always reimburse in full in the unlikely event of a breach. Which should give customers ultimate peace of mind. We have found that requiring customers to use codes and tokens is a disincentive to use what is otherwise a great financial tool, and can be interpreted as asking the customer to protect bank rather than the other way around. I hope that helps to explain our approach, which in summary is about being customer friendly and accepting, rather than off-loading responsibility.
Craig, so I guess you’re saying that Westpac are supporting the criminal fraternity then? As opposed to putting the maximum measures in place to stop the fraud in the first place.
No, I’m saying Westpac is putting the maximum measures in place at our end to stop the fraud in the first place, rather than insisting customers take extra steps largely on the bank’s behalf. It’s an ongoing battle to stay ahead but one the bank is commited to. The approach is quite common in other jurisdictions but hadn’t been applied in NZ until Westpac took the stance last year. It is coupled with education and communication to encourage customers to keep up to date with personal security measures and seems to be appreciated as we’ve had great succes in growing the number of customers using Online Banking.