Improved Security for Online Banking

Written by Nickel - 5 Comments

Acccording to recent reports, the feds will require bank web sites to strengthen their security precautions for internet customers. To this end, bank web sites are expected adopt some sort of “two-factor” authentication scheme by the end of 2006. In other words, customers will soon have to verify their identity using both a password (or PIN) and some sort of physical item, such as a hardware token that produces constantly changing access codes, or perhaps a ’smart’ card that the customer inserts into a card reader attached to their computer.

Other options include some sort of biometric verification, or perhaps technology to approximate the physical location from which the login attempt was initiated (presumably via IP address???) and compare it to the customer’s address. While I agree that security is a major issue when it comes to online banking, I’m less than thrilled about having to carry around a pocketful of dongles just to access my various accounts. And the other options have problems of their own. In my opinion, login systems such as the one used by ING Direct ($25 account opening bonus) strike a good balance between security and usability — they require an account number, PIN, and an additional (rotating) security question. Moreover, they’ve recently implemented a clickable keypad on their login screen which should help to protect against keystroke loggers.

[Source: Yahoo! News]

Published on October 25th, 2005 - 5 Comments
Filed under: Banking, Online
email this article email this article - add to tip'd - stumble it - digg it - bookmark it

About the author: Nickel is the founder and editor-in-chief of this site. He's a thirty-something family man who has been writing about personal finance since 2005, and guess what? He's on Twitter!

Related articles...

» One Year Ago This Week (October 22nd – October 28th)
» From the Archives (October 21st – October 27th)
» Online Financial Statements
» Online Banking Poll Results
» Online Banking Explosion
» HSBC Direct Adds (More) Annoying Security Features
» Money Poll #7: Online Banking
» Money Poll #10 (Checkbook Balancing) Results

Was this article useful? Please sign up to receive our content via e-mail:

You will receive only the daily updates, and can unsubscribe at anytime.

Comments (scroll down to add your own):

  1. I have to wonder why they continue to require the account number, though, instead of creating login IDs. The account number is not a secret, but it is extremely difficult to remember, and a pain in the butt to keep entering.

    Comment by Matt — Oct 26th 2005 @ 2:53 am
  2. This is really not new news. E*trade already has available an RSA token. Login requires both password and the changing token number. Well nigh impossible to hack because the number changes frequently

    Comment by Al Brockman — Oct 28th 2005 @ 10:44 am
  3. I really like ING’s clickable PIN pad. It is an excellent defense against key loggers on public computer (not that I’d look at financial data on a public computer without additional security I have at my disposal). I agree the requirement of the Customer number is a pain (I don’t remember mine, but I have it in a password protected application on my compurter and Pocket PC), I’d much rather have a personal ID I can make up.

    Comment by Michael — Nov 1st 2006 @ 10:53 am

Leave a comment

Subscribe without commenting

  1. < $10,000
 

Disclaimer...

The terms of third-party offers referenced on this website are subject to change without notice. While we strive to maintain timely and accurate information, offer details may be out of date. Visitors should thus verify the terms of any such offers prior to participating in them. Please see our terms of service for additional details.