Moving Money Electronically -- Your Protections and Risks

Tim Watters |

As electronic banking increasingly becomes the preferred means of conducting financial transactions for consumers and businesses alike, the security risks posed by online money transfer continue to proliferate.

For their part, banks have a vested interest in keeping their customers' assets and confidential information secure. That is why the banking industry as a whole has developed a series of standard security protocols and techniques designed to do just that.


 Common Fraud Protections

 Following are general protections offered by most banks. Be sure to compare this list against the measures your own banking partners have put in place to keep your identity and assets safe as you bank online with them.

Firewalls -- Firewalls are software or hardware-based security systems that create a secure barrier between your bank's internal network, where your information is stored, and the unsecured Internet. The data "traffic" flowing in and out of the bank's network is monitored and analyzed to determine its legitimacy.

Encryption -- Encryption scrambles information being transmitted between your device and the bank's network into a code that is virtually impossible to decipher, thereby protecting against unauthorized access. Many financial institutions now use 128-bit encryption, an advanced encryption technology.

Multilayered Authentication -- Many online banking/financial systems now require many layers of user identification, or authentication, that only those authorized can provide. For instance, some authentication protocols verify the device the customer is using to access the bank's website. If the device does not match the bank's records, additional authentication measures, such as one or more challenge questions, will be presented to the customer. Similarly, commercial online banking also applies a layered security approach whereby two or more identifying factors are required to gain access (e.g., a username and password plus a security token).

Monitoring -- Keeping vigilant watch over network operations is integral to the online security policies of most banks. Technology specialists continuously monitor online activity looking for out of the norm customer behavior and/or suspicious activity, particularly at login. For instance, too many incorrect login attempts will signal the system to lock a user out of their account until positive account verification can be confirmed. Transaction amounts (specifically withdrawals) that fall outside the customer's normal or pre-established limits are also scrutinized.

Industry partnerships -- Aside from internal controls, many banking institutions work closely with anti-virus and anti-malware vendors, sharing data they have collected and collaborating on new online fraud prevention techniques. Similarly, banks often work with law enforcement agencies, sharing information that may lead to safer online experiences for their customers.

The Ultimate Protection

As sophisticated as the banking industry's security measures have become, there is no substitute for a well-educated and aware customer. Toward that end, a bank's customer awareness and educational efforts should address both retail and commercial account holders and, at a minimum, include the following elements:

·         An explanation of protections provided, and not provided, to account holders relative to electronic funds transfers


·         An explanation of under what, if any, circumstances and through what means the institution may contact a customer on an unsolicited basis and request confidential account-related credentials


·         A list of risk control measures that customers may consider implementing to mitigate their own risk


·         A list of appropriate contacts for customers to use if they notice suspicious account activity or experience security-related events



Finally- What about you?

·        You need to be aggressive in making robust passwords and use different passwords for each financial vendor you deal with


·        You need to have up to date virus scan software and firewalls on your computers


·        You need to be aware that many scams are perpetrated via email. Often they are disguised as legitimate requests for information from your bank.



Source: The Federal Financial Institutions Examination Council (FFIEC),"FFIEC Supplement to Authentication in an Internet Banking Environment," June 29, 2011.

Required Attribution

Because of the possibility of human or mechanical error by Wealth Management Systems Inc. or its sources, neither Wealth Management Systems Inc. nor its sources guarantees the accuracy, adequacy, completeness or availability of any information and is not responsible for any errors or omissions or for the results obtained from the use of such information. In no event shall Wealth Management Systems Inc. be liable for any indirect, special or consequential damages in connection with subscriber's or others' use of the content.

© 2014 Wealth Management Systems Inc. All rights reserved.