|
Many banks lets say, "Get it!", when it comes to security. Then
again some banks are out to lunch. In some cases, I have seen two
or three online banking systems where I withdrew all of my money,
the first day I logged in. For those banks it was the equivalent
of running a bank branch without locks of any kind on the doors
and vault. Here is a list of the standard practices you will find:
1. Every piece of data to and from you runs over Secure Socket
Layer (SSL) Encryption-
SSL makes it really difficult for a hacker to make any sense of
information sent to and from. Assuming the hacker was monitoring
your connection or the bank's.
2. Firewall and Internal Encryption-
Banks will brag about this and it is necessary, but it is the equivalent
of you running Internet Security Software.
3. Triple log in procedure-
Banks have always used a user name and password system of some
type. The triple level usually adds a clickable pin number. The
logic here is if it's done with a mouse, key logging malware is
going to be useless to hackers.
4. Personalization-
This is the next step in fighting spam. The only problem is that
many people don't take the time to understand and see it as just
another hoop the banks are making us jump through. Using personalization,
you can really be sure you are on the bank's web site and not a
hackers home. The basic procedure is a single layer, you provide
the bank with a user name maybe and then you click to sign in. Now
you view a personalized message you have put in for yourself. In
some cases, they show you a ppersonalized image as well. This just
might be the end of phising if ever bank and bank customer started
understanding the procedure.
|