Riffing on Online Banking Security Considerations


The following issue caught my attention and I thought I’d research it in a little more depth as I think it’s important to anyone who does their personal banking online.  With the adoption of online banking and its associated convenience comes the risk of identity theft and potential loss of personal funds.

Recently a major US-based bank was hacked and customer information was compromised.  This breach exposed personal information of 200,000 North American customers, leaking customer names, account numbers and contact information.  No social security numbers, dates of birth or bank card security codes were compromised — in this case.

The obvious financial and social engineering angles are that hackers can sell this information as well as use it to trick bank tellers into believing that they are the customer.

Banks provide reassuring boilerplate language on their web sites and customer agreements that expounds on the safety and security of your money and ID…but what does this really mean?  By definition, it can only mean safety against threats and techniques that are known.  It cannot possibly cover operations or tactics that are unknown to the bank’s IT security team.  As most everyone knows, information security is a cat-and-mouse proposition: there is no static snapshot.  There is no absolute safe state.

The most prevalent technology used in online banking to protect your data is called 128-bit SSL (Secure Sockets Layer) encryption, and it is the most widely used method available for securing internet transactions.  What this means is that from your browser to the bank’s computer system, a “secure pipe” has been built that is difficult for hackers to break into.  However, once a malicious hacker is in the bank’s system and engaged in the transaction — once he’s ‘inside’ — this technology doesn’t cover the security of the transaction or the files stored in the virtual “file cabinet”.

Banks are having a hard enough time these days as it is.  The smart financial institution invests heavily in doing what it can for online customers before its safety reputation takes on irreparable water.  The old axiom in security is that the upside of security violations is that it teaches the defending team about new attack vectors.  That’s fine and well, but it doesn’t take too many ‘lessons’ of this nature for a bank’s customers to lose all faith in its online operation.  And if that happens, there’s no way to be competitive in the modern banking market.
