Moving Money Electronically -- Your Protections and Risks
As electronic banking increasingly becomes the favored means of moving money, the security risks posed by online transfers continue to proliferate. At Watters Financial Services, LLC we strive to educate all of our clients about identity theft. This article from Wealth Management Systems Inc. provides many important facts about fraud prevention and moving money online. We highly recommend it to all of our clients and we will be sponsoring a Client Shredding Event on April, 30th to help our clients keep their identities safe.
Social Media Message
How serious is your bank about online security? Compare its practices with these common protections.
As electronic banking increasingly becomes the preferred means of conducting financial transactions for consumers and businesses alike, the security risks posed by online money transfer continue to proliferate.
For their part, banks have a vested interest in keeping their customers' assets and confidential information secure. That is why the banking industry as a whole has developed a series of standard security protocols and techniques designed to do just that.
Common Fraud Protections
Following are general protections offered by most banks. Be sure to compare this list against the measures your own banking partners have put in place to keep your identity and assets safe as you bank online with them.
Firewalls -- Firewalls are software or hardware-based security systems that create a secure barrier between your bank's internal network, where your information is stored, and the unsecured Internet. The data "traffic" flowing in and out of the bank's network is monitored and analyzed to determine its legitimacy.
Encryption -- Encryption scrambles information being transmitted between your device and the bank's network into a code that is virtually impossible to decipher, thereby protecting against unauthorized access. Many financial institutions now use 128-bit encryption, an advanced encryption technology.
Multilayered Authentication -- Many online banking/financial systems now require many layers of user identification, or authentication, that only those authorized can provide. For instance, some authentication protocols verify the device the customer is using to access the bank's website. If the device does not match the bank's records, additional authentication measures, such as one or more challenge questions, will be presented to the customer. Similarly, commercial online banking also applies a layered security approach whereby two or more identifying factors are required to gain access (e.g., a username and password plus a security token).
Monitoring -- Keeping vigilant watch over network operations is integral to the online security policies of most banks. Technology specialists continuously monitor online activity looking for out of the norm customer behavior and/or suspicious activity, particularly at login. For instance, too many incorrect login attempts will signal the system to lock a user out of their account until positive account verification can be confirmed. Transaction amounts (specifically withdrawals) that fall outside the customer's normal or pre-established limits are also scrutinized.
Industry partnerships -- Aside from internal controls, many banking institutions work closely with anti-virus and anti-malware vendors, sharing data they have collected and collaborating on new online fraud prevention techniques. Similarly, banks often work with law enforcement agencies, sharing information that may lead to safer online experiences for their customers.
The Ultimate Protection
As sophisticated as the banking industry's security measures have become, there is no substitute for a well-educated and aware customer. Toward that end, a bank's customer awareness and educational efforts should address both retail and commercial account holders and, at a minimum, include the following elements:
- An explanation of protections provided, and not provided, to account holders relative to electronic funds transfers
- An explanation of under what, if any, circumstances and through what means the institution may contact a customer on an unsolicited basis and request confidential account-related credentials
- A list of risk control measures that customers may consider implementing to mitigate their own risk
- A list of appropriate contacts for customers to use if they notice suspicious account activity or experience security-related events
Source: The Federal Financial Institutions Examination Council (FFIEC), "FFIEC Supplement to Authentication in an Internet Banking Environment," June 29, 2011.
Because of the possibility of human or mechanical error by Wealth Management Systems Inc. or its sources, neither Wealth Management Systems Inc. nor its sources guarantees the accuracy, adequacy, completeness or availability of any information and is not responsible for any errors or omissions or for the results obtained from the use of such information. In no event shall Wealth Management Systems Inc. be liable for any indirect, special or consequential damages in connection with subscriber's or others' use of the content.