Home banking: the allocation of losses due to computer fraud

Carolina França Barreira

Keywords

Home banking; bank; computer fraud; phishing; access codes; payment services

Abstract

The object of this investigation is focused on the study of the home banking service and how the allocation of losses due to computer fraud is processed in the scope of this service.
When considering the questions raised by the allocation of losses associated with fraudulent operations, it is important to consider, mainly, the behaviour of the user of the home banking service.
In our opinion, courts have been too demanding towards the user when judging his action in the use of this service.
In this study, we have concluded that, when the user “falls” into a computer fraud scheme, he should not be liable for gross negligent behaviour, even if, due to the fraud, the user revealed all his access codes to a hacker on a page similar to that of his bank.
In general, such facts will not be sufficient to qualify the user’s action as grossly negligent. Therefore, the user, under the terms of the Payment Services’ System, must bear the loss up to a maximum of €150, and the bank will face the remainder of the losses.
However, if the user, victim of a fraudulent technique, ignored the safety warnings issued by the bank, one must consider, given the specific case, that he contributed to gross negligence in unauthorised payment transactions. Thus, the user must bear all the losses up to the moment when he notifies the bank about the unauthorised transactions.
It is the bank’s responsibility to, given the specific case, adduce evidence of the client’s contribution to the identified losses.
The object of this investigation is focused on the study of the home banking service and how the allocation of losses due to computer fraud is processed in the scope of this service.
When considering the questions raised by the allocation of losses associated with fraudulent operations, it is important to consider, mainly, the behaviour of the user of the home banking service.
In our opinion, courts have been too demanding towards the user when judging his action in the use of this service.

In this study, we have concluded that, when the user “falls” into a computer fraud scheme, he should not be liable for gross negligent behaviour, even if, due to the fraud, the user revealed all his access codes to a hacker on a page similar to that of his bank.
In general, such facts will not be sufficient to qualify the user’s action as grossly negligent. Therefore, the user, under the terms of the Payment Services’ System, must bear the loss up to a maximum of €150, and the bank will face the remainder of the losses.
However, if the user, victim of a fraudulent technique, ignored the safety warnings issued by the bank, one must consider, given the specific case, that he contributed to gross negligence in unauthorised payment transactions. Thus, the user must bear all the losses up to the moment when he notifies the bank about the unauthorised transactions.
It is the bank’s responsibility to, given the specific case, adduce evidence of the client’s contribution to the identified losses.