21/12/2006

UK payments association Apacs has rejected calls from the House of Lords science and technology committee to publish details of UK banks' online security records.

As part of its investigation into online security, the Lords committee said that as security is far from uniform across the UK banking industry, information showing which banks are the most secure should be made available to customers.

Lord O'Neill of Clackmannan said: 'There is an unevenness about the security considerations. Some measures seem to be over-complicated, other seem to be unduly simplistic.

'Apacs may not have the authority to impose things, but it can surely expose the inadequacies of some of the people who bring discredit on the rest of the members?'

However, Apacs has argued that naming and shaming banks with poor online security measures will do little to address the root cause of the problem.

Colin Whittaker, Apacs head of security, told the committee: 'There is no evidence that one bank is any worse off or better than any others. The level of security they deploy is relatively equal.

'Trying to draw any judgement that this bank is stronger or weaker than another does not help us describe why that bank is attacked in the first place.'

It has also been suggested that simply publishing the number of phishing attacks is too simplistic to give an accurate picture of the UK banking industry's security against cybercrime.

The number of phishing attacks in the UK soared by 8,000 per cent between January 2005 and September 2006, costing UK banks £23.2 million in 2005, Apacs figures have revealed.