Internet Banking Safety Tips – To a user & a Bank

Posted By: KP On March 21, 2011 Under Internet, Security Stuff Categories

Recently cyber crime department caught a gang which sneaked in many bank accounts and stolen money. Methodology they followed was e-mail to users asking for passwords from bank. This news led me to highlight some common points regarding internet banking security.


The tips are not only for end users but also for the banks which provide net banking. Awareness from user end and strong algorithms from bank end both are equally important. Not all the time hacker get caught and a wise man has said precaution is always better than cure.

For users:

  • Bank never communicates through emails. They don’t ask for username and password in email. If you receive such email it is a hacker’s trap, delete the email. One wise man will report that mail to bank or cyber crime department.
  • Bank or its representative never ask for password and username over telephone. I advice you to not to share it with anyone.
  • Change your password after 6 months.
  • Use on screen keyboard for entering id password. Go to Start –> Run, type osk to get windows on screen keyboard. A few banks provide osk on their site.
  • Use good antivirus, don’t download and install unknown softwares.
  • Remember your id and password, don’t write it anywhere.
  • Don’t access net banking account from cyber café or public computer. Use a single computer as far as possible.
  • Use hardware login method if available.
  • Login net banking site by directly typing site name. Don’t click any link, if that link takes you to login page, close the page, start over.

For Banks:

Internet banking security is a big issue. It directly deals with money. In such case where user is not that aware, banks should think smarter to protect their customers.

  • Don’t be dependent only on software authenticate methods. i.e. password. Implement hardware login method. Offer a hardware token generation which is physically available only with the user. This will protect account even if password has been hacked.
  • Axis bank has already implemented three hardware tokens which includes their net secure device ( A random token generator for unique user and time )
  • Confirm transfer action using user’s mobile authentication. Use separate password for login and transfer.
  • Provide on screen keyboard on website. It is very basic requirement of an internet banking website, many sites are still missing it. Best is randomize keys on every reload. You can disable user physical keyboard input.
  • Arrange awareness programs and seminar for net banking customers. This will not only aware users but also will increase net banking usage.
  • Show user custom graphic on login page. This will protect from fake pages.
  • Alert user on mobile on login.

Share with Friends ( Sharing is Caring! )

Subscribe For E-mail Notification Of Article Updates

Enter your email address:

( What is this? Why I need to do this?)

Related Posts

Post a Comment