Johannesburg - Cyber security for financial transactions rests mainly with educating consumers, a panel of industry experts convened to discuss the threat has said.
"I think we're all responsible to educate because security is a known issue across Africa and around the world," Andrew Kirkland, country manager for Trustwave in South Africa, told News24.
Trustwave is a security consultant firm that does analysis of cyber threats facing companies.
One of the emerging trends with regard to financial transactions is the move toward mobile banking platforms. Several of the major South African banks have applications that allows user to conduct sophisticated banking, but the way in which these are used on mobile devices is generally outside of the banks' control.
"The problem ends up being with the user themselves. We've got these apps sitting on your mobile phone or your computer, but it's out of the banks' control in terms of where you go and what else you do," said Kalyani Pillay, CEO of the South African Banking Risk Information Centre (Sabric).
Sabric represents the major South African banks and the organisation has warned consumers that phishing attacks and card skimming in SA is on the increase.
Pillay said that banks took care when providing payment and transacting solutions, but criminals targeted consumers, which they see as a weak link.
SA focus
"They don’t put it [banking solutions] out there without ensuring that at least all the risks are taken care of. The issue is more that you have to consider where the risk lies.
"One of the things that we have identified and done for a long time is the issue around awareness," Pillay said.
Spam in the first three months of 2013 was up, data from security company Kaspersky Lab showed, but even though the research showed SA relatively low in the global environment, the country represents a huge market for criminals.
One scam is that spammers make use of messages allegedly sent by FedEx which say that a parcel could not be delivered and the user is advised to click on a link to ensure delivery. In many cases, this method downloads malware to the PC.
The focus on SA has caught many consumers unaware, particular as the sophistication of the attacks makes it difficult to discern legitimate websites from fake ones.
"If you look at the statistics, we're now one of the top targets in the world, and I think it's because you’re dealing with a lot of less sophisticated users in the system," said Sylvia Papadopoulos, lecturer in the Department of Mercantile, Cyber Law at University of Pretoria.
Some argue that the term "cyber war" is premature because the issue is criminal. However, the scale of the problem has grown exponentially and is complicated by relatively low risk of criminals being caught.
Education
"It's a difficult issue and looking at this question of 'Are we winning the war against cyber crime?', we're sitting in the middle of it at the moment," said Pillay.
Kirkland said that consumer education was key, especially as more people went online to conduct their banking and financial transactions.
"You're putting information out there to try and educate people, but nobody's really wanting to take the time to educate themselves."
- Follow Duncan on Twitter
"I think we're all responsible to educate because security is a known issue across Africa and around the world," Andrew Kirkland, country manager for Trustwave in South Africa, told News24.
Trustwave is a security consultant firm that does analysis of cyber threats facing companies.
One of the emerging trends with regard to financial transactions is the move toward mobile banking platforms. Several of the major South African banks have applications that allows user to conduct sophisticated banking, but the way in which these are used on mobile devices is generally outside of the banks' control.
"The problem ends up being with the user themselves. We've got these apps sitting on your mobile phone or your computer, but it's out of the banks' control in terms of where you go and what else you do," said Kalyani Pillay, CEO of the South African Banking Risk Information Centre (Sabric).
Sabric represents the major South African banks and the organisation has warned consumers that phishing attacks and card skimming in SA is on the increase.
Pillay said that banks took care when providing payment and transacting solutions, but criminals targeted consumers, which they see as a weak link.
SA focus
"They don’t put it [banking solutions] out there without ensuring that at least all the risks are taken care of. The issue is more that you have to consider where the risk lies.
"One of the things that we have identified and done for a long time is the issue around awareness," Pillay said.
Spam in the first three months of 2013 was up, data from security company Kaspersky Lab showed, but even though the research showed SA relatively low in the global environment, the country represents a huge market for criminals.
One scam is that spammers make use of messages allegedly sent by FedEx which say that a parcel could not be delivered and the user is advised to click on a link to ensure delivery. In many cases, this method downloads malware to the PC.
The focus on SA has caught many consumers unaware, particular as the sophistication of the attacks makes it difficult to discern legitimate websites from fake ones.
"If you look at the statistics, we're now one of the top targets in the world, and I think it's because you’re dealing with a lot of less sophisticated users in the system," said Sylvia Papadopoulos, lecturer in the Department of Mercantile, Cyber Law at University of Pretoria.
Some argue that the term "cyber war" is premature because the issue is criminal. However, the scale of the problem has grown exponentially and is complicated by relatively low risk of criminals being caught.
Education
"It's a difficult issue and looking at this question of 'Are we winning the war against cyber crime?', we're sitting in the middle of it at the moment," said Pillay.
Kirkland said that consumer education was key, especially as more people went online to conduct their banking and financial transactions.
"You're putting information out there to try and educate people, but nobody's really wanting to take the time to educate themselves."
- Follow Duncan on Twitter