Create an Account
username: password:
 
  MemeStreams Logo

Closing the Phishing Hole – Fraud, Risk and Nonbanks

search

possibly noteworthy
Picture of possibly noteworthy
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

possibly noteworthy's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
  Humor
Current Events
  War on Terrorism
Recreation
Local Information
  Food
Science
Society
  International Relations
  Politics and Law
   Intellectual Property
  Military
Sports
Technology
  Military Technology
  High Tech Developments

support us

Get MemeStreams Stuff!


 
Closing the Phishing Hole – Fraud, Risk and Nonbanks
Topic: Technology 12:10 am EDT, May 13, 2007

A new paper by Ross Anderson. May be of interest.

Online fraudsters use a variety of nonbank payment services to launder the proceeds of crime. People had assumed that traceability was the key. However, investigation reveals that revocability is more important. Fraudulent payments within the banking system can be pursued and recovered with a reasonable probability of success; but once stolen funds are used to buy transferable financial assets such as eGold, recovery becomes much harder. This suggests that much of the benefit that could be obtained from regulating nonbanks more closely can be got by greater transparency about counterparty risks. I also look at broader issues; just as adequately regulated offshore financial centres can benefit the global financial system by providing competition, so also nonbank payment systems can play a useful competitive role. A further issue is the confusion between identity and traceability that has crept into compliance procedures since 9/11; I argue that there has been too much emphasis on the former at the expense of the latter. The current FATF rules impose unnecessary burdens, particularly on the poor, while not doing enough to facilitate rapid recovery of stolen assets. Future regulation of nonbank payment services must take account of this. Anonymous or unverified payment mechanisms can be tolerated, particularly for low value instruments, so long as stolen funds can be quickly traced and recovered. One must also be cautious about liability. Many nonbank payment systems use contracts that attempt to make them judge and jury in disputes with customers – risking a race to the bottom that would undermine consumer protection, and moral hazard which exacerbates operational risks. Only payment service providers can fight fraud effectively, as only they have access to all the data, and the ability to evolve their systems. Consumer protection thus cannot be ignored in payment system resilience.

Closing the Phishing Hole – Fraud, Risk and Nonbanks



 
 
Powered By Industrial Memetics
RSS2.0