Tesco bank attack shows payments are the weakest link

With Black Friday less than a month away, it’s a particularly bad time of year for a bank to be hacked, but that appears to be what may have happened to Tesco Bank today. We should point out that Tesco Bank have been very careful regarding the language they used in their statement referring to the incident as “subject to online criminal activity” and haven’t so much as mentioned the word hacked.

In response anything up to 20,000 customers having money fraudulently withdrawn from their bank accounts, Tesco took the decision to stop online transactions from current accounts although they said customers could still use their cards for cash withdrawals, and chip and pin payments.

Tesco put out a statement to reassure customers saying “We can reassure customers that any financial loss as a result of this activity will be resolved fully by Tesco Bank, and we are working to refund accounts that have been subject to fraud as soon as possible“.

Payments seems to be one of the least reliable segments of the retail chain, it used to be so simple when we all carried cash and paid with it or perhaps wrote a cheque, but today everything is electronic and it doesn’t take much for the systems to fail.

Recently Asda went into meltdown when their instore payments systems failed on a Sunday. Over the past few years, RBS and NatWest banks have had regular meltdowns leaving customers unable to access funds.

As a consumer the only real way to protect yourself is to hold debit or credit cards from multiple financial providers, preferably institutions from different banking groups.

As a retailer it’s not quite as easy as you can’t control which banks your customers hold accounts with. The only thing you can do is to ensure you offer multiple payment methods, perhaps credit/debit card, PayPal, Amazon payments and an alternative like Klarna. At least if you cover all the bases customers have a chance of completing their purchases.