As electronic banking increasingly becomes the preferred means of conducting financial transactions for consumers and businesses alike, the security risks posed by online money transfer continue to proliferate.
For their part, banks have a vested interest in keeping their customers' assets and confidential information secure. That is why the banking industry as a whole has developed a series of standard security protocols and techniques designed to do just that.
Common Fraud Protections
The following are general protections offered by most banks. Be sure to compare this list against the measures your own banking partners have put in place to keep your identity and assets
safe as you bank online with them.
Firewalls -- Firewalls are software or hardware-based security systems that create a secure barrier between your bank's internal network, where your information is stored, and the unsecured Internet. The data "traffic" flowing in and out of the bank's network is monitored and analyzed to determine its legitimacy.
Encryption -- Encryption scrambles information being transmitted between your device and the bank's network into a code that is virtually impossible to decipher, thereby protecting against unauthorized access. Many financial institutions now use 128-bit encryption, an advanced encryption technology.
Multilayered Authentication -- Many online banking/financial systems now require many layers of user identification, or authentication, that only those authorized can provide. For instance, some authentication protocols verify the device the customer is using to access the bank's website. If the device does not match the bank's records, additional authentication measures, such as one or more challenge questions, will be presented to the customer. Similarly, commercial online banking also applies a layered security approach whereby two or more identifying factors are required to gain access (e.g., a username and password plus a security token)
Monitoring -- Keeping vigilant watch over network operations is integral to the online security policies of most banks. Technology specialists continuously monitor online activity looking for out of the norm customer behavior and/or suspicious activity, particularly at login. For instance, too many incorrect login attempts will signal the system to lock a user out of their account until positive account verification can be confirmed. Transaction amounts (specifically withdrawals) that fall outside the customer's normal or pre-established limits are also scrutinized.
Industry partnerships -- Aside from internal controls, many banking institutions work closely with anti-virus and anti-malware vendors, sharing data they have collected and collaborated on new online fraud prevention techniques. Similarly, banks often work with law enforcement agencies, sharing information that may lead to safer online experiences for their
customers.
The Ultimate Protection
As sophisticated as the banking industry's security measures have become, there is no substitute for a well-educated and aware customer. Toward that end, a bank's customer awareness and educational efforts should address both retail and commercial account holders and, at a minimum, include the following elements:
An explanation of protections provided, and not provided, to account holders relative to electronic funds. An explanation of under what, if any, circumstances and through what means the institution may contact a customer on an unsolicited basis and request confidential account-related credentials. A list of risk control measures that customers may consider implementing to mitigate their own risk. A list of appropriate contacts for customers to use if they notice suspicious account activity or experience security-related events
Source/Disclaimer: Source: The Federal Financial Institutions Examination Council (FFIEC) FFIEC Supplement to Authentication in an Internet Banking Environment June 29, 2011.
Content provided by the Financial Planning Association, of which multiple IWP advisors are members. © 2014 Wealth Management Systems Inc. All rights reserved.
Comments