Visiting the bank for everyday tasks such as withdrawing cash, making deposits and paying bills is a relic of the past. Online payments are common and we can easily manage several bank accounts, transfer money to debtors and look after the company finances with just a few mouse clicks.
We are well and truly in the era of internet banking. How do you make online banking safe?
Online banking brings financial services to the palm of your hand so they can be accessed from almost any place at any time.
Here are our five tips for safer online banking.
1. Don’t share access between multiple people
Within many businesses, there are often several people who have authority to access the corporate accounts. Ensuring that each person has their own password means you can keep tabs on who is doing what and follow up any problems.
It also means individuals don’t have to share passwords. So, if one person leaves the business, you only have to cancel their account rather than tell everyone the new password.
As a bonus, your auditors will prefer that everyone’s access is segregated so that staff can only access the accounts they need.
2. Look for two-factor authentication
Two-factor authentication (sometimes abbreviated to 2FA) requires that you enter two pieces of information to log in. It’s based on something you know (like a password) and something you have (a one-time code that’s generated by a special device called a token).
Several Australian banks offer two-factor authentication. Often, they do this by sending a one-time code to a mobile phone. So, you need to enter both your password and the one-time code in order to access the online banking service.
Although it’s not commonly offered to consumer banking customers, it’s a feature that business customers can access.
3. Don’t use public hotspots
Public Wi-Fi hotspots might be convenient, but they are very insecure. It’s trivially easy for a motivated party to intercept wireless data while it’s in motion and then use that information for nefarious purposes.
If you need to do mobile banking – don’t use a public hotspot. You’re better off using the hotspot functionality on your smartphone as you can secure that and then take advantage of the cellular network’s built-in security.
In short – consider any data you send and receive on a public hotspot to be available to anyone else who can connect to that hotspot.
4. Bank in private
Shoulder Surfing is the act of sitting over someone’s shoulder and looking at what they’re doing. If you watch carefully and have a good memory, you can capture someone’s username and password as they type.
Even if you’re using a private internet connection, make sure no one is looking over your shoulder and looking at what you type and what’s on the screen.
Even if someone only has your username they can lock your account by entering the password incorrectly and then try to fool a call centre operator into resetting the password so they have access to your accounts.
5. Phishing scams
There are some very sophisticated phishing scams being perpetrated by data thieves.
In a phishing scam, an email is sent to you that looks like it was sent by your bank. It will have the right logos, be written in banking language and have links to what looks like your bank’s website. Another form of phishing scam is to call you over the phone and ask you to provide account information to ‘assist’ you with some sort of mysterious, previously unknown to you, account problem.
In reality, everything is fake and designed to get you to enter your username and password. This is captured by the bad guys who use the information to pillage your account.
The solution is simple – never click a link in an email from a bank or provide account information over the phone.
If you think the issue is real – go to your bank’s website directly and not via an email link or phone your bank’s call centre.
No bank will ever ask you to reset your account password via email or over the phone.
Internet banking is incredibly convenient but it’s important to follow safe practices when using it.