70 likes | 226 Views
Privacy and Online Banking. Stu Woollett Head of E-business, Westpac 30 March 2006. What happened?. A ‘man in the middle’ exploit Categorised as ‘Spyware’ No intention to commit fraud Customers unaware. How did it work?. User installs software they believe to be useful
E N D
Privacy and Online Banking Stu Woollett Head of E-business, Westpac 30 March 2006
What happened? • A ‘man in the middle’ exploit • Categorised as ‘Spyware’ • No intention to commit fraud • Customers unaware Privacy and Online Banking 2
How did it work? • User installs software they believe to be useful • The software steps in between bank and user • It then records the session details • Interloper describes it as ‘researchware’ Privacy and Online Banking 3
We had to intervene • The software hid from users and was difficult to uninstall • Customer details could have been compromised • The company had no intent to defraud • But customers not willing participants Privacy and Online Banking 4
What did we do? • Block sign in • Letters to all affected customers • Expire passwords • Warning into Online Banking • Instruct how to clean your PC • And more… Privacy and Online Banking 5
What was the result? • A strong message from the New Zealand banking industry • A positive response from customers • Three months later the company changed its method of operation • A safer online environment worldwide Privacy and Online Banking 6