Online Banking Security: How To Stay Safe Online

7 December 2016

When banking is taken out of the safe domain of ‘bricks and mortar’ branches, security must be a priority.

All institutions pay great attention to the development of security for their online banking portal. From the customer point of view, the main concern is becoming familiar with your responsibilities pertaining to security and making sure you know exactly when, if ever, you are liable to lose your money for good if something goes wrong.

How good is the security for online banking accounts?

These days, the security is pretty good! Since the invention of the first savings account, banks and financial institutions have been at the forefront of new security measures to keep your money safely tucked away.

Online Banking Common Security Measures

Some of the most common security measures for online banking include the following:

  • Customers log in with a password.
  • Customers can confirm their password log-in with an additional security code that is texted to your mobile phone or other device – known as “two step verification” or “two factor authentication”.
  • Banks use advanced anti-virus protection and firewalls to stop virus threats and other unauthorised access from reaching their centralised computer network.
  • Banks use encryption technology when sending any electronic instructions or information between you and the bank, such as when making payments or viewing account information.
  • Online banking log-in entries cannot be cached, meaning your account log-in entries are erased as soon as you log out from the site. This means no one who has access to your computer or device can retrieve your password from your app or web browser and log in to your account.
  • Customers may have to authenticate the validity of a transaction before payment is made, e.g. by entering a security code or by entering the numbers and letters shown in a picture.
  • Online banking will automatically log out (“time out”) after a period of inactivity by the customer when logged in to online banking.
  • Access to online banking account will be locked out after a number of unsuccessful log-in attempts.
  • Online banking will show customers the time and date of the previous log-in to the account, so that customers can confirm there has been no unauthorised access.
  • Fraud detection teams will contact customers via phone if unusual activity is detected on your account, and the card may be stopped so that funds are frozen and cannot be used by thieves.

When it comes to near field communication (NFC) payments such as making a contactless payment using a mobile phone app instead of your bank card, banks are using the same measures to keep your phone secure as they use to keep your card secure. Other measures can include biometrics, a fingerprint sensor technology where you can sign in to your mobile banking with a single touch if your phone has a touch screen. Bank of Melbourne was the first institution in Australia to launch this form of technology with their Touch ID security.


How can you keep your online banking account safe?

Criminals know that it is very difficult to get past the advanced security systems of banks, so they usually focus on tricking customers into giving away their own confidential information. You can avoid becoming a victim of online monetary theft or identity theft fraud by protecting your information and protecting your online banking devices.

First off, you need to create a secure password that is easy for you to remember without writing it down but hard for anyone else to guess. Here are our top tips for a good password:

  1. Create different passwords for all the websites, emails and mobile devices you use.
  2. Change all your passwords regularly.
  3. Use letters, numbers, symbols and spaces in your passwords to make them harder to guess. Any password that is just a word you can find in a dictionary can be hacked. For example, “Slip Slop Slap” could become “51ip 510p 51ap” instead.
  4. Don’t use any publicly available information about yourself in your password, such as your birthday, age, address, or phone number.
  5. Don’t use the names of any of your family members or pets in your password.
  6. Personalise your passwords with something that would be hard for someone else to guess, like the title of your favourite book, or a catchy advertising jingle you’ve always been able to remember.
  7. If you’re alone when you’re keying in a password, say it out loud as you type. This will help it stick in your memory.

Apart from creating a secure password, you can also keep your information secure when doing your banking online by following these tips:

  • Never use unsecured public Wi-Fi to do your online banking.
  • Install anti-virus software on your computer and mobile devices, and update the software regularly.
  • Always access your online banking through your bank’s main web address or their own app, not any address or app created by a third party.
  • Make sure no one can view your screen.
  • Set your smartphone and tablet to automatically lock when not in use, so that no one can access your device without your password.
  • Store your mobile devices in a safe place.
  • Always, always, always log out of your online banking site by clicking on the ‘Logout’ or ‘sign-out’ icon.
  • Close the browser by clicking on the ‘X’ icon before you move on to any other websites.
  • Regularly clear your browser’s cache to wipe out any stored copies of web pages from your device.
  • Don’t give anyone else your customer ID or online banking password.
  • Keep your PIN and internet banking log-in details and passwords safe and don’t keep them written down anywhere if you can help it.
  • Do not use the same password for your online banking as for any other website. Do not use the same password for unlocking your phone as for logging into your online banking app.
  • If you suspect someone has your online banking details, change your password immediately.
  • Contact your bank if you lose your smartphone or tablet, especially if your bank uses an SMS text message as a security measure to authenticate transactions.
  • Whenever you receive a text message from your bank to authenticate a transaction, delete the message immediately after using the code.
  • Delete all text messages from your bank on your mobile device before sharing or selling the device.
  • If you are having trouble accessing online banking when you are overseas, call your bank’s phone number.
  • Read the privacy policy before providing personal information to any website.
  • Be wary of free downloads or screensavers, as they can sometimes contain malware or spyware. Only download apps from reputable app developers, using an official app store.
  • Always delete spam hoax emails. No bank will ever send you an email with a link to your online banking or ask you to provide your account information by email or online. If you receive a suspicious email but you’re not sure if it is legitimate, call your bank and ask.
  • Check every bank statement and call your bank if you see anything you don’t remember paying for.

According to technology experts, the weakest link in the online security chain is likely to be your computer, not the banks!

Share this article