EghtesadOnline: Central Insurance company of Iran (CII), the regulatory body of Iran’s fast growing insurance industry, is working on a scheme to cover bank accounts against cyberattacks.
According to Gholamreza Soleymani, the CII president, the plan seeks to protect policyholders against phishing scams, adding that it could be approved before the current fiscal year is out next March.
Pointing to the complex nature of cyberattacks, he said, "Latest analyses of cyber risks based on Cyber Police data is needed for finalizing the coverage framework, including feasible ways to identify loss, assessing risks for insurers and policyholders, setting rates based on impacting factors, clearly defining insurers’ commitment and developing a framework for marketing and supervision," IRNA quoted him as saying.
The number of phishing attacks has been increasing in recent months and has prompted insurance companies to concentrate on the best protection measures, according to Financial Tribune.
Financial cyberattacks account for 70% total attacks in Iran, according to police officials.
The Computer Emergency Response Coordination Center (MAHER), affiliated to the Telecoms Ministry, has shut 875 phishing websites during the first half of the current Iranian year.
The planned insurance cover is to include risks related to digital banking, financial data security, unprocessed payment transactions, cyber scams and phishing attacks.
As per the plan, insurance companies will sell the policy to banks to be offered to interested accountholders.
In a move to curb cybercrime pertaining to debit card fraud and increase security of online banking, the Central Bank of Iran has instructed banks and credit institutions to use one-time password (OTP) to protect their clients' ID and bank account data.
Despite a CBI deadline, some banks claim they cannot offer the service now due to software and infrastructure issues. These banks have asked for time from the CBI.
A group of banks provide OTP services on their own software and oblige applicants to install the same.
This is while most clients have accounts in more than one bank and obliging them to install multiple e-bank software would indeed be a hassle.
However, there are clients who don’t have smart phones to run the application or simply cannot use the application.