Home / Tech chief slams UAE banking security

Tech chief slams UAE banking security

GITEX: Trend Micro CTO says bank security in Gulf state can only protect against 'school kids'.

The head of technology at internet security giant Trend Micro has slammed the security of UAE banking systems in the wake of the recent ATM card fraud scandal.

Speaking to Arabian Business on the sidelines of the Gitex technology exhibition, chief technology officer (CTO) Raimund Genes said bank security in the Gulf state could only protect against "school kids" and not professional criminals.

"The security is not good here. The security measures implemented here protect against school kids who hack into computers, but don’t protect well against guys who have the money to pay somebody to attack a specific company," Genes said in an interview on Monday.

Genes called on banks to implement two-factor authentication technology in order to beef up security.

Two-factor authentication is where two separate pieces of information are needed in conjunction to authenticate a person's identity.

Thousands of UAE bank customers had money stolen out of their accounts in September by criminal gangs using counterfeit cards to access local accounts from abroad.

Customers across the Gulf state were bombarded with text messages warning them to change the PIN numbers on all cards, with some also having their cards cancelled as banks scrambled to limit the extent of the problem.

Lloyds TSB, HSBC, Citibank, National Bank of Abu Dhabi and Dubai Bank are among lenders that have sent statements warning customers of the threat.

Banks have been reluctant to reveal the scale of the fraud, with Dubai Bank the only lender so far to detail how many of its customers have been affected - standing at 42.

No bank has revealed how much money has been stolen, although there have been reports of individuals losing up to 26,000 dirhams ($7,000). Most banks have agreed to reimburse affected customers.

Officials at several banks have said they have identified a breach at a UAE-based bank as the source of the fraud, which allowed unauthorised people to obtain sensitive data such as pin numbers and information from magnetic strips on the back of the cards, according to local media reports.

The data were then used to produce counterfeit cards to make illegal transactions in dozens of countries.

The Central Bank of the UAE has launched an investigation.