To lessen online banking risks, lessen consumer liability risks
In addition to a story on the Zappos' hack, the New York Times also has an editorial "Convenient, but How Secure?" on the growth of online banking and new regulations being implemented that should lessen fraud loss risk.
In addition to a story on the Zappos’ hack, the New York Times also has an editorial “Convenient, but How Secure?” on the growth of online banking and new regulations being implemented that should lessen fraud loss risk.
The editorial says “regulators have decided that current security systems based on passwords, tokens and cookies aren’t strong enough. Starting this month, they want financial institutions to add a new layer that detects unusual patterns of activity — like a volley of transfers to an account in Russia — in real time.” Good idea.
The editorial goes on to state:
“Regulations limit losses for individual victims of a cyberstrike to $500, forcing the bank to cover the balance. But businesses are not covered, and small companies are especially vulnerable because they move more cash around than individuals and cannot afford high-technology defenses.”
Generally, the Electronic Fund Transfer Act (EFTA) and its Regulation E limit consumer fraud liability to $50 from either online transfer or debit/ATM card losses if fraud is reported within 2 days or up to $500, as described, if reported within 60 days.
But small businesses are not protected at all, even though for all intents and purposes, they are treated as if they were consumers (not so well) by the banks.
One way to get the banks to protect our money better would be to limit consumer liability even further, extend that liability limit to small businesses and perhaps even to small governments and schools.
If banks had more skin in the game, they’d be more likely to protect our skin.
Note that consumer credit cards are much better protected than electronic transfers or debit/ATM cards, but by a different law, the Truth In Lending Act (TILA and Regulation Z). Most banks extend similar protection for debit cards, but in some circumstances only, and only by promise not by law. Small businesses are not protected from fraud by either EFTA or TILA.
Senior Director, Federal Consumer Program, PIRG
Ed oversees U.S. PIRG’s federal consumer program, helping to lead national efforts to improve consumer credit reporting laws, identity theft protections, product safety regulations and more. Ed is co-founder and continuing leader of the coalition, Americans For Financial Reform, which fought for the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, including as its centerpiece the Consumer Financial Protection Bureau. He was awarded the Consumer Federation of America's Esther Peterson Consumer Service Award in 2006, Privacy International's Brandeis Award in 2003, and numerous annual "Top Lobbyist" awards from The Hill and other outlets. Ed lives in Virginia, and on weekends he enjoys biking with friends on the many local bicycle trails.