Adjust Text Size

Improved Security for Online Banking

Written by Nickel - 5 Comments

Bank Deal: Earn 1.00% APY on an FDIC-insured savings account at Barclays.

Acccording to recent reports, the feds will require bank web sites to strengthen their security precautions for internet customers. To this end, bank web sites are expected adopt some sort of “two-factor” authentication scheme by the end of 2006. In other words, customers will soon have to verify their identity using both a password (or PIN) and some sort of physical item, such as a hardware token that produces constantly changing access codes, or perhaps a ‘smart’ card that the customer inserts into a card reader attached to their computer.

Other options include some sort of biometric verification, or perhaps technology to approximate the physical location from which the login attempt was initiated (presumably via IP address???) and compare it to the customer’s address. While I agree that security is a major issue when it comes to online banking, I’m less than thrilled about having to carry around a pocketful of dongles just to access my various accounts. And the other options have problems of their own. In my opinion, login systems such as the one used by ING Direct ($25 account opening bonus) strike a good balance between security and usability — they require an account number, PIN, and an additional (rotating) security question. Moreover, they’ve recently implemented a clickable keypad on their login screen which should help to protect against keystroke loggers.

[Source: Yahoo! News]

Published on October 25th, 2005 - 5 Comments
Filed under: Banking,Online

About the author: is the founder and editor-in-chief of this site. He's a thirty-something family man who has been writing about personal finance since 2005, and guess what? He's on Twitter!

Comments (scroll down to add your own):

  1. I have to wonder why they continue to require the account number, though, instead of creating login IDs. The account number is not a secret, but it is extremely difficult to remember, and a pain in the butt to keep entering.

    Comment by Anonymous — Oct 26th 2005 @ 2:53 am
  2. This is really not new news. E*trade already has available an RSA token. Login requires both password and the changing token number. Well nigh impossible to hack because the number changes frequently

    Comment by Anonymous — Oct 28th 2005 @ 10:44 am
  3. I really like ING’s clickable PIN pad. It is an excellent defense against key loggers on public computer (not that I’d look at financial data on a public computer without additional security I have at my disposal). I agree the requirement of the Customer number is a pain (I don’t remember mine, but I have it in a password protected application on my compurter and Pocket PC), I’d much rather have a personal ID I can make up.

    Comment by Anonymous — Nov 1st 2006 @ 10:53 am

Leave a comment

Because rates and offers from advertisers shown on this website change frequently, please visit referenced sites for current information. This website may be compensated by companies mentioned through advertising, affiliate programs or otherwise.