A third of banks and payment services fail to offer a secure channel for their online payments according to Kaspersky and research company B2B International. Services said it was cheaper to deal with fraud as it happened rather than implementing protection systems.
If a third of all banks and payment services can’t offer secure payments, what should businesses be doing to protect their financial transactions online? foundU spoke to Ben, our lead developer and head of online security, for his advice regarding internet banking.
Don’t get Phished
Phishing is process whereby a victim is baited into clicking on a malicious link or website (hence the play on words with fishing). Phishing is particular common in the financial industry with many clients losing personal data and funds.
A common method of phishing happens when a customer is sent an email from their bank asking that they follow a link to their online account. Clients follow the link and are directed to a realistic, fake version of their bank’s website. Here, the customer enters their details only to have them stolen.
Ben says that while many experts will recommend that a user look for a secure https connection (the green bar and lock to the left of the URL) this can be faked. The best option is to trust your gut feeling and look for spelling errors, poor design and bad grammar.
As phishing attempts become more effective, Ben warns users to always pay attention their bank’s website and avoid using public wi-fi when conducting financial transactions. Use carrier data instead for a higher level of protection.
Two – Factor Authentication
Two – factor authentication (2FA) was created to offer higher-level security when conducting sensitive activities on-line. The process works by forcing the user to input two forms of identification when logging in. 2FA is already implemented widely with most businesses using key-ring code generators alongside passwords when banking online.
The popularity of 2FA has been embraced by a range of industries with Google leading the way through its two-factor authentication and creation tool. Ben explains that most people use two-factor authentication almost every day without realising it. ATM banking is a form of two-factor authentication with factor one being the card and factor two the PIN.
Although, while one of the most secure ways to login online, Ben highlighted that fact that is weak when used through smart devices. Having SMS codes sent to the same device which you login through will never be as strong as separate devices.