Other types of fraud essentially persuade you to do something in tile (wrong) belief that it should be done, or to accept something in settlement that proves to be without the value you were led to believe. But they all come back to the same thing--the fraudster has to persuade you that his vision of the world is the correct one.
How do we normally counter fraud?
In ordinary life there are many things set up to help avoid fraud. Mostly we rely upon physical things--buildings (such as banks) help to prove to us that we are dealing with something real--talking to people on the telephone on a number that is in a directory helps us believe that they are who we expect. At a more sophisticated level, businesses have to be registered. There are also agencies with a duty to respond to complaints over the trading practices of businesses.
Avoiding obvious frauds on the Internet
Some potential sources of fraud--misrepresenting a business as that of someone else--are being slowly dealt with. Domain name registration has almost reached the point where there is some certainty that www. Harrods.com is the web version of a famous department store in Knightsbridge, London. But it is still very far from being fully resolved. It is still possible to register www. harrodds.com, www.harrodss.com. You can copy the real thing without too much difficulty, and with a bit of luck and some spelling mistakes a fraudster can still be in business.
Some less obvious frauds
The Internet uses a technology called TCP/IP in order to send information between one point on the Internet and another. Unfortunately it was not designed to be secure; it was designed to be resilient. As a result it is possible to read information that travels around the Internet, and also to alter it. Therefore, it is possible both to read information that is not protected and copy information that has been protected using cryptography, (a technique that makes information unreadable to the unauthorized) and to change the unprotected information without being detected.
The effect of this is to create a situation where fraud can be carried out even when a genuine transaction is taking place. Fraud might include putting other recipient’s names on the distribution list to make you believe they are also involved or in agreement with what is going on. The fraud is subtle because it is impossible for either party to detect. It is effective because the fraudster may have gathered information that allows them to completely impersonate both parties in the future.
Solutions for technical problems
These frauds require a manipulation of the Internet technologies, and so can be resisted by technology. However, the technology being marketed to solve this problem Secure Sockets Layer (SSL), in the way in which it is usually implemented, has fundamental weaknesses, and has been shown to be capable of being defrauded. Many other schemes, based upon codes of practice and logos shown on web sites, although worthy in themselves, are equally capable of being defrauded. It seems strange that some advertising appears to suggest encryption technology using a 40 bit algorithm is perfectly secure for commerce, whilst also saying that 128 bit algorithms are essential.
Alternative technologies such as those from Artic-Soft are being delivered now that allow end users to gain immediate validation of web site content itself. They require software to be present in the machines of the end users to act on behalf of theuser to carry out checks that the user can be prevented for doing themselves by competent fraudsters.
They also require competent registration procedures for Internet traders to make it more difficult for a fraudster to enter the system and pretend to be genuine. Such registration procedures are claimed to be in place for SSL.
