Threats and challenges for online banking security
By Jean-Jacques FoglinoOnline Banking offers users the convenience of managing one's finances anytime, anywhere. However, any online transaction can be vulnerable to security threats.
The current state of online banking
Some financial institutions today still employ simple security mechanisms that consist of a username and password combination for login and money transfers. These are easily breached by the increasingly sophisticated methods fraudsters use and have resulted in users having their account details compromised.
That being said, regulators and institutions are moving or planning to move away from simple passwords or single factor authentication and towards more advanced security solutions, such as Two Factor Authentication (2FA) with One-Time Passwords (OTP). OTP systems provide a mechanism for logging onto a network or service by using a unique password that cannot be reused for each transaction. This increases protection for online bank account management, corporate network access and other systems containing sensitive data.
The current threat landscape
Online banking is becoming increasingly popular# as it brings convenience, simplicity and speed to consumers. Common techniques deployed by fraudsters today to obtain login credentials for users’ online banking accounts include phishing, pharming, keylogging, man-in-the-middle and man-in-the-browser attacks.
Regardless of the method employed, fraud is a global phenomenon that is constantly evolving in order to exploit security gaps. It also possesses a migratory nature, targeting countries which have less sophisticated security infrastructure. To prevent and deter fraud, banks must be ahead of the curve through regular upgrading of its infrastructure.
Challenges for online banking security
However, implementing security measures for online banking is a task that’s easier said than done. Securing an online banking channel has many aspects to it and each needs to be addressed individually. A key challenge faced by banks when upgrading their security infrastructure is identifying which technologies to adopt and which parts of their infrastructure to change or upgrade.
Apart from having to provide a robust and secure channel for online banking, banks need to decide on a solution that not only suits their needs, but also balances security, cost and convenience for their customers.