We’ve talked a bit about being smart and secure when banking online, but at least one “financial analyst” thinks that online banking needs to be difficult to use in order to keep you safe.
Although customers should expect convenience from an online account, they should be wary of an Internet bank that makes it too easy for someone to set one up, said Avivah Litan, a consumer-finance analyst for Gartner Group, a business-research firm in Stamford, Conn.
In this age of electronic identity theft, financial companies should make it as difficult as possible for an ID thief to obtain and misuse your personal information, she said. Internet banks should have multiple layers of security to verify that online customers requesting access to accounts are who they say they are, she said.
“It sounds counterintuitive,” Litan said, “but you want to have some inconvenience when it comes to setting up these accounts.”
I don’t think most online banks are listening to Litan. In my experience, most online savings accounts are very easy and straightforward to open.
In terms of security, the newest trend for online banking seems to be the “security image” or “sitekey” they use to confirm to you that you are actually on the bank’s site. It seems kind of silly, and apparently many online bankers don’t even notice them.
Users of online banking sites tend to bypass critical clues that the integrity of those sites may have been compromised, according to the working draft of a study released on Sunday by researchers at Harvard University and MIT.
The study, which will be formally released in May at the IEEE Symposium on Security and Privacy in Oakland, Calif., underscores how new technologies and warnings can’t completely protect Internet users from scams such as phishing.
It also throws doubt on the effectiveness of site-authentication images, which have been implemented by financial institutions such as Bank of America Corp., Vanguard Group Inc. and ING Bank FSB. The images, selected by the customers, are shown when a bank customer logs in from a different computer than is normally used.
Of all the online banks I use, HSBC’s “Security Key” is the most annoying. It’s a “virtual keyboard” that can only be used by clicking on the buttons — you can’t actually use your keyboard. And in addition to clicking out your security key, you also need to put in your password.