France's Booming Online Banking Falters on Security Measures

France may have emerged as a country with one of the world's most developed online banking markets but as far as online security goes, this country surely has a long way to go. How else can you describe the online security of this country's financial system where even the President can find that his personal bank account has been hacked by cyber criminals?

Early this week, France's online security systems received quite a jolt when the French Cabinet revealed that online hackers managed to break into the personal bank account of President Nicolas Sarkozy, and "swindle" some money -- not a large sum though. The government admitted that this incident demonstrated that the country's online banking security is not perfect.

Amusing as this incident may look on its face, it is nevertheless a serious breach, especially considering that close to half of France's Internet users access their bank accounts online. Additionally, Europe's online banking also has its highest adoption rate in France.

Just the day after the Sarkozy bank account embezzlement was reported, comScore -- who claim to be a leader in measuring the digital world -- released a report on the French online banking sector. This, in essence, said that France is one of the world's most developed markets for online banking.

comScore found that of the 37 global markets, France ranked fourth in penetration of online banking, with 46 percent of French Internet users accessing online banking sites in August 2008.  Countries ahead of France are Canada (64 percent), the Netherlands (51 percent) and Sweden (47 percent).

With an average of 6 usage days and 7 online banking visits per visitor, comScore said French Internet users also exhibited high frequency in accessing online banking sites. Clearly, as says Herve Le Jouan, Managing Director, comScore Europe, online banking has emerged as "an important business sector in France, with one of the highest adoption rates in Europe," and "with competition in the online banking sector in France already fierce, marketers need to ensure that they meet their needs online, and ultimately capitalize upon the growing popularity of the sector."

But have the French banks and the other eCommerce players in that country realized that? It doesn't seem so if reports that are available on the website of Bank of France, the country's central bank are any pointers to that problem.

For instance in a report on Internal Security Standards, Bank of France said, "The Bank found that reports from a number of large institutions showed that internal standards lacked proper support, often being limited to control points for transactions handled by their branch network."

Of course one can argue that the situation was what it used to be since that report was published in 2006. Still, not much may have improved since then. For that matter, an IDG News Service report warned even last year that French banks and merchants are not putting in place anti-fraud technology to catch bad online transactions.

According to Marc Andries, head of the oversight division for the Bank of France, the country's central bank, who was quoted in that report saying that  some banks, deterred by high deployment costs, don't even have some basic security measures in place, such as a password authentication system.

Of course, a big reason why online security measures are lacking in France is that its online users themsleves are not highly security conscious and are often reluctant to use even passwords. "French customers are somewhat exceptional in that they show medium adoption rates (of security) despite having the most concerns," said Thomas Meyer, the author of a Deutsche Bank study on online banking in Europe, released last year.

Still, it is strange that unlike in USA, where the Federal Financial Institutions Examination Council, which supervises U.S. financial institutions, mandated that all banks implement a double-layered authentication system at the least, the France's central bank imposes no such binding.

According to Andres -- as quoted in the IDG report -- the Bank of France does not dictate how banks should strengthen their security or what technology they should use.

But perhaps the Sarkozy incident will change all that now. Reports suggest that it has rattled the powers that be with Luc Chatel, secretary of state for consumer affairs, admitting that the French government has realized no one is safe from Internet fraud and that more work needs to be done to tighten Internet banking security in France. Additionally, according to the national crime agency, the country has seen a 9 percent rise in Internet fraud offenses this year.

Meanwhile, this incident should at least come as an eye-opener for the close to 14.8 million  French Internet users who visited at least one online banking site in August 2008. Interestingly, most of these users are matured enough; consumers in the 35 - 44 year age segment and those 55 years and older visit online banking sites most frequently, says comScore.