A recent editorial in “Computing” weekly called “Online security is a duty for us all” discussed new measures that banks are implementing against fraud:
The banks are taking a carrot approach, carefully avoiding the stick. But if new measures fail to halt the problem, the onus might shift to the consumer. Banks may one day only indemnify customers against fraud if they have the necessary precautions in place – from suitably secured home PCs to two- or even three-factor authentication tools such as biometrics.
That could lead us down a rocky road – a banking community divided by technical ability and personal security. Would the days of better interest rates for more secure customers be far behind?
This is not an option that anybody – banks or their customers – would want to consider.
Why on earth not? It sounds like an excellent idea to me. One reason people don’t pay too much attention to the security of their PCs at the moment is that don’t have that much obvious incentive to do so. If their bank said “turn on a firewall, use a secure browser and run regular spyware scans, and we’ll give you an extra 2% on your savings”, we might see quite a few more secure PCs.