Subscribe
About

Rather safe than sorry

Sticking to the rules, and never getting complacent or lazy, keeps online banking safe.
By J"org Fischer
Johannesburg, 26 Oct 2007

Online or Internet banking has grown enormously in SA in recent years. This growth has quite naturally attracted the attention of a range of canny fraudsters intent on accessing details that will enable them to raid bank accounts.

When one considers that more than two million South Africans now conduct most of their transactional banking via online banking, the incidences of cyber theft and fraud are extremely low.

However, as with any other form of banking or financial interaction, security breaches do take place, especially when people let down their guard or do not adhere to strict security guidelines and mechanisms provided by banks and other financial institutions.

Phishing - online fraud through obtaining banking details and PIN numbers - has become a widespread threat to online banking clients around the world, but very few banking clients who adhere to all available security procedures ever fall victims to such scams.

Anyone supplying highly sensitive personal information in response to an e-mail purported to come from their bank is not adhering to security protocols and runs the risk of suffering potentially severe financial loss.

Common goal

While individual banks and other financial institutions may differ in the methods they use to counter cyber theft and fraud, many adopt similar measures and almost all use an integrated cross-section of tools and methods to protect their customers.

Systems-generated, one-time passwords have become an important weapon in the fight against online banking crime - these are usually sent to customers via SMS to their cellphones. The one time password facility makes use of two-factor authentication, whereby the delivery of a second password occurs independently of the Internet banking session a client uses.

In some cases, banks require their customers to access an online PIN-pad that uses different components of a password every time they log in to their banking profile.

It is important to note that mechanisms such as one-time passwords are only effective if they complement a wide range of other vital security features already in place.

These may include:

* Keeping anti-virus software as up-to-date as possible to guard against new viruses.
* Having an alert system that notifies account holders when transactions take place in their accounts.
* Installing a personal firewall to prevent unauthorised access to PCs and laptops (some banks provide free firewalls and anti-virus software as part of their service).
* Never divulging one`s card and PIN details.
* Keeping operating systems and browser patches up to date.
* Always accessing banking Web sites via the Internet and not through bookmarked or saved pages.

Crime hotspots

If used judiciously, online banking is extremely safe and secure.

J"org Fischer is CIO of group IT at Standard Bank.

The bottom line for all users of Internet banking is that they must at all times follow security procedures and never get complacent or lazy when it comes to adhering to the rules. It`s as simple as that!

Most importantly, WiFi hotspots and Internet cafes (especially when not using your own computer) should be avoided for banking and financial transactions as screen scrapes and Trojans can be utilised by criminals to monitor key strokes.

Having grown around 25%-30% a year over the past five years, online banking is still in an upward growth trend in SA as more and more South Africans gain access to technology and want to benefit from the convenience and cost-effectiveness of the online banking channel.

If used judiciously, online banking is extremely safe and secure, and can be used with a large degree of peace of mind by banking customers anywhere in the country.

Adding to the peace-of-mind factor is that banks and financial institutions are constantly monitoring international trends to be able to take proactive steps to protect their online clients. As with medicine, prevention is better than cure.

It is vital that banks and other financial institutions continue with these efforts, as we can be sure the criminals will never call a truce in their attempts to breach online banking defences.

* J"org Fischer is CIO of group IT at Standard Bank.

Share