Is Internet Banking Secure?

I don’t apologise for the really lame title of this blog, as this is a subject that appears to have been done to death over the past few years. There seems to be two camps – those that are cool about internet banking and those that won’t be seen within a mile of a PC linked up to a bank.

Those that are cool about the matter will no doubt use their bank’s online services for transferring money, paying bills and the one or two odd things we all do on our bank accounts each month. I fall into this category, and have to say (touch wood) I have not had any significant issues to date. The risk/reward algorithm works in favour of doing online banking in my books.

Those that are against internet banking have either experienced fraud themselves or via a colleague/relation or maybe have just picked up on the media stories and decided to give it a miss.

It would appear to me that if you operate a fully patched and updated PC with anti-virus/malware tools and a healthy dose of common sense then you would generally be safe. Users are being educated to check the URL, ensure the certificates on the site are correct and check for the small padlock at the bottom of the screen. If these things are correct then they user is generally “safe” to do online banking.

What should make all of these users think again is this report from Hesie Security. It runs through the issue of frame spoofing, where a hacker injects a frame of their own onto a bank’s website. This is especially scary as the traditional indicators (URL, padlock etc) still show a secure site. The good news is that this problem was identified back in the days of IE 4 (1998) and since then those operating bank sites have been warned off using frames on their sites. Microsoft incorporated a fix in later versions of IE but amazingly it is only beta copies of IE 7 that have this switched on by default.

So the question is, am I frightened off doing on line banking? Certainly this problem is a concern, and yet again issues that were identified years ago are still being fixed today. In reality I am still going to use online banking, using Firefox, on the basis that the convenience out weighs the potential risk.

After all the alternatives are calling an operator thousands of miles away and giving them my details or driving to the bank.

Put these through your risk/reward algorithm and see what result you get.