Online Banking Security Not So Secure
More and more people today are taking their banking online. Some 42% of internet users do their banking online. Considering that this number is growing every year, banks and credit unions are looking at their online banking security and making sure that they are able to provide safe interactions with their customers. For those that don't do their banking online claimed that their main reason for not doing so is the lack of online banking security. One of the reasons why they feel insecure about banking online is because of misinformation and not knowing the correct information on internet security.
A study from the University of Michigan by Atul Prakash looks at design flaws that many banking sites have today that fail to protect users who don't know the basics about internet security. It looks at design flaws rather than actual application vulnerabilities. Design flaws are different from application vulnerabilities because they are based on decisions that were made when designing the website. Many of these decisions that the designers of banking sites have made promote insecure user behavior and because many users are uneducated about basic internet security, these flaws can be taken advantage of.
Some of the flaws of online banking security that were noted were things such as being able to access the site by using insecure HTTP, being redirected to an untrusted site, low security password thresholds, and emailing confidential data to users. These are all flaws that have been found that if a user is unaware of the risks that these designs pose, can lead to confidential data being leaked.
As far as user password information goes, many of the sites involved in the study don't require password restrictions for users. Having low quality passwords invite themselves to being disclosed by brute-force attacks. But it is also noted that with the introduction of phishing sites and keyloggers, having a strong password doesn't protect against those and many banks find it to be just an inconvenience for their users to force strong passwords. It is also claimed that by enforcing a 'three-strikes' lockout policy when incorrectly typing in a password makes brute-force attacks on low quality passwords unrealistic. But the study finds that even enforcing a lockout policy is not enough if low quality passwords are allowed. Parallel dictionary attacks can be used if a list of usernames are available where a string of authentication requests are run across all the usernames using common passwords.
The study also mentions websites that break the chain of trust. Often times bank websites will redirect to other websites without notice. Regardless of whether these sites are secured by using SSL, many times the certificates used are not affiliated with the bank at all and there is no way for the user to tell if they are still on the banks website or not. This makes it hard for even a knowledgable user to know if they are on a phishing site or not.
As mentioned, other sites present secure login options under insecure webpages. While their site may offer secure logins via SSL and HTTPS, that same webpage may be available insecurely under an HTTP version. While redirection to a secure page may occur, if the user had already entered in credential information under the insecure page, their credentials are at risk of being compromised.
While many sites exhibited 1 or 2 of the noted flaws, there were many on the list that didn't show any flaws and offered very good security. It also went on to note that some of the sites may have even fixed the flaws noted in the study at the time when the study was released.
Aaron Guhl is an IT professional that specializes in security. He frequently writes on his blog regarding security issues to help IT professionals get a better understanding of security in their networks. Visit his website at: http://www.securityenablednetwork.com/?p=121
Related Articles:
Credit Card Offers - Credit Card Application
Everything-Credit-Card.Com is a website that is dedicated to everything that is credit cards. On this site they offer you the best type of cards. There are the cards that offer airline miles, bad credit cards, balance transfer, cashback , there are cards with cash rebates. There are low interest rates cards and gas rebates. There are prepaids cards an rewards cards. There are so many different types that you would think that there is a card for everyone. On this site you can fill out any Credit Card Application for any card you want. What you should do before you apply for credit cards is that you should apply for a free credit report.
Evolution of Credit Cards and Online Banking
Since the early 19th century, businesses and consumers have made use of credit in the place of currency But credit stretches even as far back as ancient Babylon
Using The Bank?s Money With Credit Cards
Cardholders can take advantage of money received from the bank to pay the balance on their credit card. The key steps are to first figure out a way to get money from the bank, then use the money for the credit card.
Bank Of America Credit Card Special Programs
Partnered With Hundreds
Credit Card Application: Getting Your First Credit Card
Credit cards are one of the most convenient tools that you can ever use today. Besides, you would really need this tool if you want to purchase something but you don't have the cash for it. With a credit card, you can virtually purchase the products or services you need even without carrying cash.
Banking and Company Credit Card Policies for Small Business
Does your small business have a banking and credit card policy? If not, perhaps you might wish to think on it. Developing such policies and procedures is not a difficult task.
Compare Bad Credit Credit Card Offers: Credit-Card-Surplus.com Adds 2 New Bad Credit Credit Cards, Offering Consumers a Complete List of Bad Credit Of
www.Credit-Card-Surplus.com announces the addition of two new bad credit credit cards to its website, creating more options for those who have less than perfect credit. Consumers that have filed for bankruptcy or have a low credit score qualify for bad credit credit cards. When used properly, these cards enable customers to rebuild their credit and improve their standings among lenders. With the addition of the Total Visa® Card, and the Access Visa® Card, www.Credit-Card-Surplus.com provides a total of 13 bad credit cards for consumers to compare.
Online Credit Card Processing - How to Accept Credit Cards - Ecommerce 101
Back in 1998 (through 2000 or so), I worked for a small company (called PaymentNet / then Signio) that handled online transactions. Verisign later purchased this company, and the product team I led integrated the "client" - the portion that took the credit card information and sent it to our servers for processing.
The Orchard Bank Credit Cards: The Answer To Bad Credit
There are few more stressful things than dealing with dinged credit. Millions of Americans have experience with it, so there is a large pool of experience and options to draw from. The important thing to realize is that if you are determined to repair your credit, the right tools are available to help you. One option is The Orchard Bank MasterCard.
Online Credit Card Application: The Fastest And Most Convenient Way To Get A Credit Card
Thanks to the advancement of technology, particularly the internet, people now has a way to communicate cheaply, and even do some shopping. In fact, applying for credit cards is now possible through the internet. You will see that applying for a credit card online will be much faster and easier than ever before.