Online banking is becoming more common. But whether people are taking the right security precautions when using online banking services is a bit of a question mark. After all, do you really know what to do to keep your bank information safe when using it online?
A recent Bank of America survey found that 62 percent of Americans now use digital services (such as online portals or mobile apps) as their primary means of banking. That’s up from 51 percent in 2015, and 47 percent in 2014. Two years in a row might be a coincidence, but three years in a row make this a trend.
And unlike some online trends, it’s pretty easy to see the appeal of digital banking services. It saves customers the trouble of visiting a physical branch or machine, and cuts down on wait times that come with telephone banking.
But there’s a catch. Digital banking services don’t provide the same kind of security people get when they actually visit a bank, or even an automatic bank/teller machine (known as an ATM in many parts of the world).
“Online banking basically puts a bank machine on the internet. But the World Wide Web, Wi-Fi networks, and devices don’t offer people the level of security they expect from banks,” says F-Secure Security Advisor Sean Sullivan. “Banks aren’t ignoring these risks, but basic man-in-the-middle attacks are more than enough to compromise the security of an online banking session.”
Man-in-the-middle (MITM) attacks are when an attacker is able to place themselves in between two parties exchanging information, allowing attackers to monitor or even change the information being communicated. So when you’re doing banking over the internet, you’re sending/receiving information like passwords, financial details, and other data that MITM hackers can steal and use to break into your bank account.
But this doesn’t mean you should shy away from using these services. Here’s a few pieces of expert advice you can keep in mind when exchanging bank account details, or really any type of sensitive information over the internet.
Your PC isn’t an ATM. It doesn’t have the same security features. It’s not in a location monitored by the bank. Taking care of it is up to you.
If you do online banking with your PC, make sure you secure your computer with reliable security software that includes anti-phishing and banking protection features.
It may surprise you to learn that mobile banking apps can be better options than banking services offered through web browsers. “Official banking apps are better protected against MITM attacks than most web-based services,” says Sean. “As long as you stick to the official apps endorsed by your bank.”
So if your bank has a mobile app available for your device, it’s probably safer to use than a website. But remember to use a VPN when sending data with your device’s Wi-Fi connection, as this is often the least secure way to connect to the internet.
According to Sean, banks aren’t completely hands-off when it comes to securing internet banking services. “Banks use anti-fraud algorithms to protect their customers from criminals using hacked accounts,” he said. “But this system is hardly perfect.”
But proactively protecting your money is just good security advice. And if you use the internet for banking, shopping, or any other activity that requires you to exchange financial information over the internet, you should take the right precautions.
Sean Sullivan gave eight data protection tips in a recent interview, so check those out to learn more about some simple security measures you should take to protect the data you send and receive over the internet.
After F-Secure principal security consultant Tom Van de Wiele stepped into the #CyberSauna for the second episode of…
January 19, 2018