Bruce Schneier reports on the adoption by South Korea of a measure he’s advocated for quite some time:
The South Korean government is introducing legislation that will make it mandatory for financial institutions to compensate customers who have fallen victim to online fraud and identity theft.
The new laws will require financial firms in the country to compensate customers for virtually all financial losses resulting from online identity theft and account hacking, even if the banks are not directly responsible.
Note that “[un]der the new legislation customers will still be required to implement safety measures and won’t be compensated for losses incurred from online scams if they are careless with card details, PINS and passwords.”