Do you consider online banking in its current state to be secure. In your experience, what are the biggest mistakes that financial services providers — and their customers — make that expose them to security risks?
The world is changing at a staggering rate and technology is considered to be the key driver for these changes around us (Papers4you.com, 2006). An analysis of technology and its uses show that it has permeated in almost every aspect of our life. Many activities are handled electronically due the acceptance of information technology at home as well as at workplace. Internet can be seen as a truly global phenomenon that has made time and distance irrelevant to many transactions. The transformation from the traditional banking towards e-banking has been a ‘leap’ change.
The evolution of electronic banking started from the use of automatic teller machines (ATM) and has passed through telephone banking, direct bill payment, electronic fund transfer and the revolutionary online banking. The future of electronic banking according to some is the acceptance of WAP enabled banking and interactive-TV banking.
Online banking is the future of electronic financial transactions. The rise in the e-commerce and the use of internet in its facilitation along with the enhanced online security of transactions and sensitive information has been the core reasons for the penetration of online banking in everyday life (Papers4you.com, 2006). According to the latest official figures from the Office of National Statistics (ONS, 2006) indicate that subscriptions to the internet has grown more than 50% from 15 million in 2000 to 35 million in 2005 in the UK. It has also been estimated that 60% of the population in the UK use internet in their daily lives.
Why people refuse to use internet banking?
Today, there are still many internet users who refuse to do their banking online. Their main reason for not doing so is the lack of online banking security. One of the reasons why they feel insecure about banking online is because of misinformationâ€¦.not knowing the correct information about internet security.
A study from the University of Michigan by Atul Prakash looks at design flaws that many online banking sites have today. He concluded that they fail to protect users who don’t know the basics about internet security.
The study focussed on design flaws rather than actual software programming weaknesses. Website design flaws are decisions or assumptions that were made by the web developers when they designed the online banking website. For example, the developers assumed that online banking users were educated about internet security. In fact, the opposite is trueâ€¦.many online banking users are uneducated about basic internet security. This assumption can be taken advantage of by unscrupulous hackers.
Some of the design flaws of online banking security are:
Being able to access the site by using insecure HTTP,
Being redirected to an untrusted site,
Low security password thresholds and e-mailing confidential data to users.
These are all examples of website design flaws that can lead to confidential data being leaked!
Strong Passwords: As far as user password information goes, many of the sites involved in the study don’t require password restrictions for users. Having low quality passwords invite themselves to being disclosed by brute-force attacks. The study also noted that having a strong password does not protect against phishing sites and key loggers.
Many banks find it to be just an inconvenience for their users to force strong passwords. The online banks claimed that by enforcing a ‘three-strike’  lockout policy when incorrectly typing in a password makes brute-force attacks on low quality passwords unrealistic.
However, the study found that even when a ‘three-strike’ lockout policy is enforced, it can be broken if low quality passwords are allowed. For example, if you use a password that is very weak like “password”, hackers can successfully use automated attacks to compromise your login. This is so, even if the online bank enforces a three strike policy. The design flaw here is that online banks have assumed that users will always use strong passwords. Online banks must not assume that some online users understand basic internet security and enforce the creation of strong passwords.
Hackers and intruders have an easier time figuring passwords out when they are not frequently changed. You must change your passwords regularly, especially for your online banking password. When you change your password, the hackers would have to start over again.
Online banks with strong password security policies automatically enforce users to change their passwords periodically. Typically a password creation screen will appear and you will be asked to update your password twice. You will also need to know the old password.
It is harder for hackers to figure out your password if you use a number of different charactersâ€¦ especially if it is a combination of letters, numbers, and symbols found in your keyboard. Of course, it will be harder for you to remember the new password, so you have to make sure you memorize the combination.
A useful tip: never use passwords that are codes like your birth date, spouse’s name, or other relevant information because your password can be deduced quickly and easily. These “coded” passwords are used by a lot of people, particularly in ATM machines and email passwords. By doing this, you simply make yourself a big target to hackers.
Chain of Command: The University of Michigan study by Atul Prakash also mentions websites that break the chain of trust. Often time, bank websites will redirect you to other websites without notice. These sites may not be secured by using SSL  . Many times the certificates  used are not affiliated with the bank at all and there is no way for the user to tell if they are still on the banks website or not. This makes it hard for even knowledgeable users to know if they are on a phishing  siteâ€¦ or not!
Some online banking sites may present secure login options within an insecure webpage. While their online banking site may offer secure logins via SSL and HTTPS  , that same webpage may be available insecurely through a HTTP  version. While redirection to a secure page may occur, if the user had already entered in credential information under the insecure page, then their credentials are at risk of being compromised.
While many sites exhibited 1 or 2 of the noted flaws, there were many on the list that didn’t show any flaws and offered very good security. It also went on to note that some of the sites may have even fixed the flaws noted in the study at the time when the study was released.
Online Banking: Tips for Doing It Safely
With the increasing popularity of the Internet as a virtual marketplace, consumers and criminals alike have capitalized on this growing community. As a result the issue of Internet security has become one of great importance, especially when it comes to online banking. However, safe banking online is not as difficult as it may seem. It simply involves making the right choices. Here are some tips that will help ensure a safe banking experience on the Internet.
Our academic experts are ready and waiting to assist with any writing project you may have. From simple essay plans, through to full dissertations, you can guarantee we have a service perfectly matched to your needs.View our services
First, make sure that the bank you choose is legitimate. If they do not have a branch you can visit locally, then you won’t have the convenience of checking them out in person. In such cases, it is advisable to read pertinent information about the bank on its site. Most financial institutions will have an “About Us” tab where you can read more information about the bank and its history. You should even be able to the find name and address for the bank’s headquarters along with a toll free number you can use to speak with a live person.
Second, be aware of criminals who put up fraudulent websites under a name or web address similar to that of a credible bank. Unfortunately, these undesirables have caused some trepidation when it comes to online banking. However, they can be fairly easy to spot and avoid. These sites are designed to trick you into entering their website and providing your personal information (i.e., social security number, account number, password). Be sure you have typed the appropriate web address for your bank before accessing your account online. This can be easily ensured by “book marking” your bank’s site or adding it to your “favourites” in your web browser. Doing this virtually guarantees you will visit the correct site in the future.
Third, safeguard your private information. Thieves would love to get a hold of your credit card numbers, banking info, social security number and other private data. Review your bank’s security practices. This information is usually available on their website, but you should also be able contact the bank directly if necessary.
Fourth, a secure online banking site will provide encryption  . In this process, private information is scrambled in order to prevent the wrong eyes from seeing it. Some web browsers will show an icon at the bottom of your screen that looks like a key or a lock. This icon indicates that your transaction is secure and your private information has been encrypted.
Hackers and bad people are constantly attempting to crack into our online accounts and access everything from our email to our online banking records for nefarious purposes. How can you stop them from easily accessing your accounts? One very important step is to use highly secure passwords that aren’t easily guessed or cracked by their malicious software. Most of the time they’re after easy targets and will move on if your account can’t be hacked quickly.
Here are five tips to help you create secure passwords for your online accounts:
– Don’t use names, dates, phone numbers, or addresses
– Don’t use common words from the dictionary
– Use a mix of lowercase letters, uppercase letters, numbers, and special characters (such as! * & % where possible)
– Make it at least 8 characters long (longer is better)
– Change it often (for online banking or hosting accounts, try every month)
You may want to use an online random password generator.
If you’re worried that you may have trouble remembering all your secure online passwords, don’t resort to using the same password at multiple sites or using passwords that aren’t secure! Instead, consider an option like RoboForm or RoboForm Online. You can also use Firefox as your browser (it’s free) and allow it to save your passwords. Just be sure to use a master password to secure your passwords file. You can find details about that at http://kb.mozillazine.org/Master_password
Finally, make sure that you logout of the online banking site completely. When you are finished with your online banking session, you need to be sure that you log out. If you do not physically click the log out button, you may stay signed in. Anyone who uses the computer that you used to check your bank account could then get into your bank on-line account. It could also give more time to those people who want to crack into your bank account.
Checking for the lock that indicates a secure log in is crucial to being careful when using online banking. It helps you to ensure that you are giving your password and information over a secure connection. Password protection, and having a secure password, will allow you to make it difficult for others to log into your account. By logging out, you can be sure that you have stopped the connection, preventing anyone (both online or in person) from finding and using your account. You need to be responsible when using online banking to ensure that your finances are safe.
It should be clear that safe online banking is not an impossible task. It simply involves being well informed and making the right decisions.
Cite This Work
To export a reference to this article please select a referencing stye below:
Related ServicesView all
DMCA / Removal Request
If you are the original writer of this essay and no longer wish to have your work published on UKEssays.com then please: