Home » Computers

Banks Unwittingly Leave Customers' Information Insecure

Aug 27, 2008
Data security came under the microscope at the University of Michigan with regard to banking practices recently, and the findings were quite disturbing. Researchers noted that over three quarters of banks actually train their customers to use insecure practices while they are banking, by doing things like redirecting them to third party websites without a flag, putting secure login boxes on insecure pages, and using email addresses or social security numbers as default user ids, many of which remain unchanged for months or years after an internet banking account is set up.

The study examined 214 US banking institutions, and found that just over three quarters of them - 76% - had design flaws that would either allow access by hackers, or trained customers through design flaws to ignore insecure practices. However, in the interests of protecting customers at these banks, they will not publicize which institutions leave your computer network security vulnerable.

Atul Prakash is a professor of computer science and engineeering who helped prepare the report. He says "We want banks to make the right decisions, so that people who are trying to be careful can do online banking securely." A banking security analyst with Gartner Inc, Avivah Litan, agrees, and goes one step further, saying "Conventional wisdom is that clients - or PCs - are inherently insecure devices. What this study shows is that the servers, or the bank and other consumer-facing websites, are also inherently insecure".

Some of the faults noted with the data security practices of the banks included putting secure login boxes on insecure web pages. This was one of the biggest problems, as even if the login boxes send and receive information through SSL (Secure Socket Layer) technology, if the full page itself isn't protected with the technology, it is diffiuclt to tell whether the site is real or fake. SSL encrypted web pages show a padlock icon in the address bar, and show not only that the page is secure, but that the site's owner is legitimate and their security certificate is current. If only the login box is secured, the padlock icon will not appear in the address bar, and as far as customers know, they are entering insecure information.

One of the other large problems that was found with the data security of online banking instititutions was that they often redirect customers to third party sites, for example partner sites for bill paying, without notifying the customer. These third party sites could be copied by hackers, and since customers have become used to entering information into a site that isn't their banks, their banking details are at risk.

The insecurity of information which we often assume to be sacrosanct was recently exposed, when hackers broke into Citibank's network of ATMs housed by Seven-Eleven stores. They were able to steal customer's PIN codes, netting the alleged thieves millions of dollars, as revealed in court recently. This demonstrates that even if your private computer network security is good, disturbingly, your information is still at risk.

This scam was possible because of the ATM system's infrastructure, built on Microsoft's Windows, as this allows machines to be remotely repaired after diagnosis. Industry standards call for the strongest possible encryption on PIN codes, however, they seem to be vulnerable while in transit between the computers that process the trnsaactions and the automatic teller machines.

Businesses are advised to engage registered IT consultants and network security services to help protect their banking information, or risk lengthy proceedings to reclaim money.
About the Author
Datacraft is the leading independent IT services and solutions company in Asia Pacific. Datacraft combines an expertise in networking, security, Microsoft solutions, storage and contact centre technologies, with advanced skills in consulting, integration and managed services, to craft IT solutions for businesses.
Rating:
Please Rate:
(Average: Not rated)
Views: 131
Print Email Report Share
Article Categories
    • Artists
    • Gambling
    • Humanities
    • Humor
    • Movies
    • Music
    • Photography
    • Tattoos
    • Television
    • Classic Cars
    • Motorcycles
    • Recreational Vehicles
    • SUVs
    • Trucks
    • Vans
    • Branding
    • Business Opportunities
    • Careers and Jobs
    • Corporate
    • Customer Service
    • Direct Mail
    • Entrepreneurship
    • Ethics
    • Financing
    • Franchising
    • Home-Based Business
    • Human Resources
    • Import and Export
    • Leadership
    • Management
    • Market Research
    • Marketing and Advertising
    • Negotiation
    • Network Marketing
    • Networking
    • Organizational
    • Presentation
    • Project Management
    • Public Relations
    • Small Business
    • Strategic Planning
    • Team Building
    • Telemarketing
    • Training
    • Ask an Expert
    • College and University
    • Home Schooling
    • K-12
    • Languages
    • Online Education
    • Psychology
    • Accounting
    • Credit
    • Currency Trading
    • Debt Consolidation
    • Insurance
    • Investing
    • Leasing
    • Loans
    • Mortgage
    • Mutual Funds
    • Personal Finance
    • Stock Market
    • Structured Settlements
    • Taxes
    • Wealth Building
    • Coffee
    • Cooking
    • Gourmet
    • Recipes
    • Wine and Spirits
    • Acne
    • Aerobics
    • Alternative Medicine
    • Beauty
    • Cancer
    • Cosmetics
    • Depression
    • Diabetes
    • Diseases and Conditions
    • Fitness Equipment
    • Fitness
    • Hair Loss
    • Heart Disease
    • Medicine
    • Men's Health
    • Muscle Building
    • Nutrition
    • Skin Care
    • Supplements and Vitamins
    • Weight Loss
    • Women's Health
    • Yoga
    • Arts and Crafts
    • Babies
    • Collecting
    • Elderly Care
    • Genealogy
    • Hobbies
    • Parenting
    • Pets
    • Pregnancy
    • Woodworking
    • Feng Shui
    • Gardening
    • Home Appliances
    • Home Security
    • Interior Design
    • Landscaping
    • Affiliate Programs
    • Article Marketing
    • Auctions
    • Audio
    • Banner Advertising
    • Blogging
    • Broadband
    • Domain Names
    • E-Books
    • E-Commerce
    • Email Marketing
    • Ezines and Newsletters
    • Forums
    • Internet Marketing
    • Link Popularity
    • Pay-Per-Click
    • Podcasting
    • RSS
    • Search Engine Marketing
    • Search Engine Optimization
    • Security
    • Social Media
    • Spam
    • Video
    • Viral Marketing
    • Web Design
    • Web Development
    • Web Hosting
    • Copyright
    • Cyber Law
    • Intellectual Property
    • National, State, Local
    • Patents
    • Regulatory Compliance
    • Trademarks
    • Buying
    • Selling
    • Baseball
    • Basketball
    • Boating
    • Cycling
    • Extreme Sports
    • Fishing
    • Football
    • Golf
    • Hockey
    • Hunting
    • Martial Arts
    • Running
    • Scuba Diving
    • Soccer
    • Swimming
    • Tennis
    • Dating
    • Divorce
    • Marriage
    • Weddings
    • Astrology
    • Buddhism
    • Christianity
    • Faith
    • Hinduism
    • Islam
    • Judaism
    • Meditation
    • Metaphysical
    • New Age
    • Cable and Satellite TV
    • Cell Phones
    • Communication
    • Gadgets and Gizmos
    • GPS
    • Satellite Radio
    • Video Conferencing
    • VoIP
    • Addictions
    • Coaching
    • Goal Setting
    • Motivational
    • Stress Management
    • Time Management
    • Clothing
    • Electronics
    • Fashion
    • Gifts
    • Jewelry
    • Causes and Organizations
    • Environment
    • History
    • Holidays
    • Men's Issues
    • Nature
    • Philosophy
    • Politics
    • Women's Issues
    • World Affairs
    • Air Travel
    • Camping
    • Cruises
    • Destinations
    • Outdoors
    • Article Writing
    • Book Reviews
    • Copywriting
    • Fiction
    • Non-Fiction
    • Poetry
    • Quotes
    • Screenplay
    • Tools and Resources