Know Your Protections and Risks When Banking Online
As Americans increasingly migrate toward conducting banking and other financial transactions online, the threat of falling victim to ever-more sophisticated cyber-crimes continues to rise. Financial services companies are keenly aware of the potential security risks posed by online money transfer. That is why the industry as a whole has developed a series of standard security protocols designed to ensure that customers’ assets and personal information is kept safe.
Following is a list of common security features offered by most banks and financial institutions. Be sure to compare these measures with what your own bank, credit card companies, and other financial vendors have in place.
Anti-malware software. Anti-malware is a term commonly used to describe various software products used to prevent, detect, block and remove malicious software products that are intended to damage or disable computers or computer systems. Anti-malware software may also be referred to as anti-virus or anti-spyware.
Transaction monitoring/anomaly detection. Network monitoring software has been in use by financial institutions for a number of years. Similar to the way in which the credit card industry detects and blocks fraudulent credit card transactions, systems are now available to monitor online banking activity for suspicious funds transfers. For instance, too many incorrect login attempts will signal the system to lock a user out of their account until positive account verification can be confirmed. Transaction amounts (specifically withdrawals) that fall outside the customer’s normal or pre-established limits are also scrutinized.
Multilayered authentication. Many online banking/financial systems now require multiple layers of user identification, or authentication, that only those authorized can provide. For instance, some authentication protocols verify the device the customer is using to access the bank’s website. If the device does not match the bank’s records, additional authentication measures, such as one or more challenge questions, will be presented to the customer. Similarly, a number of institutions are requiring “out of band” authentication, which requires a transaction initiated via one delivery channel (e.g., Internet) to be re-authenticated via a different channel (e.g., telephone) in order for the transaction to be completed.
Firewalls. Firewalls are software- or hardware-based security systems that create a secure barrier between your bank’s internal network, where your information is stored, and the unsecured Internet. The data “traffic” flowing in and out of the bank’s network is monitored and analyzed to determine its legitimacy.
Encryption. Encryption scrambles information being transmitted between your device and the bank’s network into a code that is virtually impossible to decipher, thereby protecting against unauthorized access. Many financial institutions now use 128-bit encryption, an advanced encryption technology.
Customer Education: The Linchpin of Any Security Program
In the final analysis, even the most sophisticated security measures are no substitute for well-informed customers. Toward that end the Federal Financial Institutions Examination Council (FFIEC), a body of the federal government made up of several U.S. financial regulatory agencies, issued guidance suggesting that, at a minimum, a financial institution’s customer education efforts should include:
- An explanation of protections provided, and not provided, to account holders relative to electronic funds transfers.
- An explanation of under what, if any, circumstances and through what means the institution may contact a customer on an unsolicited basis and request confidential account-related credentials.
- A list of risk-control measures that customers may consider implementing to mitigate their own risk.
- A list of appropriate contacts for customers to use if they notice suspicious account activity or experience security-related events.
1Source: The Federal Financial Institutions Examination Council (FFIEC), “FFIEC Supplement to Authentication in an Internet Banking Environment,” June 29, 2011.
Because of the possibility of human or mechanical error by Wealth Management Systems Inc. or its sources, neither Wealth Management Systems Inc. nor its sources guarantees the accuracy, adequacy, completeness or availability of any information and is not responsible for any errors or omissions or for the results obtained from the use of such information. In no event shall Wealth Management Systems Inc. be liable for any indirect, special or consequential damages in connection with subscriber’s or others’ use of the content.
© 2015 Wealth Management Systems Inc. All rights reserved.