Banks fret over phishing rule

Banks are ambivalent over the provision submitted to Parliament in a Development Ministry draft law about their liability regarding fraud in online transactions (phishing).

The regulation exempts banks from the obligation to compensate victims of electronic fraud for losses of more than 1,000 euros, if, as it states, the provider - i.e. the bank - proves that it "has and is implementing additional and more sophisticated transaction control mechanisms, on top of those applying to the strong identification of transactions."

That provision also applies in cases where the card or account holder has shown gross negligence, such as revealing their card verification number, the password or the one-time password sent by the bank to approve a transaction.

Banks say they are ready to strengthen the security levels for online transactions with or without a card, in order...