I'm sure I should start this posting off by noting that, on the 75th anniversary of his grandfather being shot at by Germans, albeit from the 'safety' of an Armstrong Whitworth Albermarle, my 15-year-old son gets sent home from school for falling in a bush and getting a thorn in his finger. But where do I go from there? Probably on some diatribe about how turning the pages of the calendar doesn't necessarily correlate with progress, how we're all going to Hell in a handcart. And who wants to read that?
You want something about how technology and science is pushing back the boundaries. Making it the most incredible time to be alive. So, let's talk cybercrime.
As usual, in order to appear knowledgeable, I googled 'cybercrime' so as to drop in a few nuggets - which is a great technique for any writer, by the way: scatter a few facts restricted to those in the know and, unless you've dropped a bollock, the reader will use confirmation bias to assume your character is a real brain surgeon, rocket scientist, bondage freak.
The first site listed was '300 Terrifying Cybercrime Statistics'.
That any subject area can produce 300 terrifying stats is pretty alarming. Serial killers, sharks, the lizard-people who really rule us; I think it would all get pretty barrel-scraping once you got past the first century of killer facts. But with this one it's a bit of a struggle to cherry pick two or three to whet your appetite: $2m dollars are lost every three hours in e-commerce frauds (worldwide, I assume); 0.8% of global GDP is lost to cybercrime (why isn't it counted, the wag in me wonders?); $2.1tr & $1.5tr: the global annual costs of data breaches and cybercrime respectively. Those are pretty much picked at random.
It's also added spear-phishing, whaling, and catphishing to my lexicon. Thanks for that; wish I didn't need them.
Possibly most alarming is that, when I searched for push fraud, nothing appeared. This, to me, is the most alarming variant of cybercrime: where the victim willingly transfers their money, pressing the buttons themselves, to fraudsters pretending to be their bank, solicitor, builder. But especially themselves, in new 'safe' accounts the fraudsters open pretending to be their bank. The stories can be harrowing. And what makes it particularly galling is that these people, in the main, thought they were doing the right thing.
I trust my virus protection thingumy (and checked it as soon I started googling those links; it had been updated six minutes before), but would hold my hand up and say that I'm human and therefore quite capable of being duped to the extent that I invite the fraudsters in. I'm sceptical, but, boy, they can be good.
So, what I think is needed is a return to the good old days. You know, when the rent money went in one pot, the food money in another, and if you dipped into either for a few pints on a Friday night your old lady would clobber you with an iron. You remember: it was all part of a bygone age, together with clippies on the buses, industrial accidents, and casual racism. (Americans may wish to google irony at this stage).
But seriously, I'm talking a digital equivalent. If the knub of authorised push payment fraud is that the victim thinks the new sort code and account number they're given are their own, or their builder's, or their solicitor's, then why can't we tag electronic money with a second layer of personal identification for significant transactions? A PIN to access my account, and a secondary PIN to make my money yours. Without it, I can only be transferring money to my own account if it really is my account. And, if it's my account, why are you asking for my SPIN? If you're really my solicitor, why are you giving me another SPIN?
Now we have open banking, with multiple accounts with multiple providers it shouldn't be beyond the whit of man to make sure that SPINs are shared across the financial landscape so I don't need to access that second layer to transfer funds from my high street bank's current account to my trading platform's investment account.
I cast these ideas out for others to run with. All I ask is 0.01% of any and all money moved protected by a SPIN. That's not too much to ask is it?
You want something about how technology and science is pushing back the boundaries. Making it the most incredible time to be alive. So, let's talk cybercrime.
As usual, in order to appear knowledgeable, I googled 'cybercrime' so as to drop in a few nuggets - which is a great technique for any writer, by the way: scatter a few facts restricted to those in the know and, unless you've dropped a bollock, the reader will use confirmation bias to assume your character is a real brain surgeon, rocket scientist, bondage freak.
The first site listed was '300 Terrifying Cybercrime Statistics'.
That any subject area can produce 300 terrifying stats is pretty alarming. Serial killers, sharks, the lizard-people who really rule us; I think it would all get pretty barrel-scraping once you got past the first century of killer facts. But with this one it's a bit of a struggle to cherry pick two or three to whet your appetite: $2m dollars are lost every three hours in e-commerce frauds (worldwide, I assume); 0.8% of global GDP is lost to cybercrime (why isn't it counted, the wag in me wonders?); $2.1tr & $1.5tr: the global annual costs of data breaches and cybercrime respectively. Those are pretty much picked at random.
It's also added spear-phishing, whaling, and catphishing to my lexicon. Thanks for that; wish I didn't need them.
Possibly most alarming is that, when I searched for push fraud, nothing appeared. This, to me, is the most alarming variant of cybercrime: where the victim willingly transfers their money, pressing the buttons themselves, to fraudsters pretending to be their bank, solicitor, builder. But especially themselves, in new 'safe' accounts the fraudsters open pretending to be their bank. The stories can be harrowing. And what makes it particularly galling is that these people, in the main, thought they were doing the right thing.
I trust my virus protection thingumy (and checked it as soon I started googling those links; it had been updated six minutes before), but would hold my hand up and say that I'm human and therefore quite capable of being duped to the extent that I invite the fraudsters in. I'm sceptical, but, boy, they can be good.
So, what I think is needed is a return to the good old days. You know, when the rent money went in one pot, the food money in another, and if you dipped into either for a few pints on a Friday night your old lady would clobber you with an iron. You remember: it was all part of a bygone age, together with clippies on the buses, industrial accidents, and casual racism. (Americans may wish to google irony at this stage).
But seriously, I'm talking a digital equivalent. If the knub of authorised push payment fraud is that the victim thinks the new sort code and account number they're given are their own, or their builder's, or their solicitor's, then why can't we tag electronic money with a second layer of personal identification for significant transactions? A PIN to access my account, and a secondary PIN to make my money yours. Without it, I can only be transferring money to my own account if it really is my account. And, if it's my account, why are you asking for my SPIN? If you're really my solicitor, why are you giving me another SPIN?
Now we have open banking, with multiple accounts with multiple providers it shouldn't be beyond the whit of man to make sure that SPINs are shared across the financial landscape so I don't need to access that second layer to transfer funds from my high street bank's current account to my trading platform's investment account.
I cast these ideas out for others to run with. All I ask is 0.01% of any and all money moved protected by a SPIN. That's not too much to ask is it?
No comments:
Post a Comment