You would think that by now almost every user of the Internet would know not to click on links in emails supposedly from financial institutions -- especially a bank that you have never heard of or have never done any business -- and enter your username or password.
But as this podcast and article from National Public Radio (NPR) points out, Web-savvy individuals are also falling victim to online financial fraud as phishers use newer technology to stay ahead of financial institutions and users.Financial services providers are, again, facing tough choices when it comes to offering online access to account information. Online account servicing is the most cost effective method for servicing clients in any demographic, and is especially important in certain business lines since other forms of customer service severely cut into already slim margins. FIs have already significantly tightened security measures by using newer security methods, such as multi-factor authentication, including site authentication images, and the breaches continue to happen. But walking the fine line between phishing-secure Web offerings and user friendliness is always a concern. If the FIs crank up the security requirements too high, users will stop using online access, or so the thought process goes.
But FIs are also still left holding the bag when customers lose money due to financial fraud. The thinking is that if FIs refused to cover the customer's losses, the client's trust in the entire online banking/trading/transaction process will be lost. A delicate topic, but as losses increase, many within the industry are asking, "Why should my bank pay because my customers give away their passwords?"
As users go online for financial access more and more, I think the benefits and ease of online services will outweigh the user 'unfriendliness' of tight online security. Why would customers take one hour to get in their cars, drive to a branch, stand in line and then have to drive back to their homes just to check balances when they could do the same thing online after entering two or three forms of ID in about 30 seconds?
By Greg MacSweeney, Wall Street & Technology Greg MacSweeney is editorial director of InformationWeek Financial Services, whose brands include Wall Street & Technology, Bank Systems & Technology, Advanced Trading, and Insurance & Technology. View Full Bio