You might expect that bank accounts should be at least as secure as an email or social media account but our research has found that some banks are still lagging behind. It may seem heavy-handed to force customers to use a second device but passwords alone are no longer good enough. Weak login details can be stolen, leaked, or easily gleaned from social media sites and if a hacker penetrated the first layer of defence, they would have access to sensitive details such as payment history and card numbers, which could make any subsequent scam attempts more convincing.
Some banks offer a physical device to generate unique one time passcodes OTPs that serve as evidence of 'possession'. Most banks also let you authenticate yourself at login via the mobile banking app in some cases, you can simply use fingerprint ID to let them know it's you logging in. Nationwide, Tesco Bank, the Co-operative Bank, Triodos and Virgin Money are the only current account providers who don't yet offer this.
A more common option is OTPs sent via text message to a mobile phone but we want providers to phase these out as they are vulnerable to Sim-swap attacks. Lloyds Banking Group includes Halifax and Bank of Scotland customers can choose to pass security by supplying a six-digit number via an automated phone call to their landline.
If you are struggling to receive codes sent by your bank via SMS due to bad reception, some networks offer Wi-Fi Calling which lets you connect via your wireless broadband.
Banks should still monitor your accounts for unusual activity Lloyds asks you to reconfirm trusted status when you use a new browser or clear your browser history. Tesco Bank was the only bank that told us it never asks users to re-authenticate trusted devices. New name-checking system called Confirmation of Payee CoP has been introduced to prevent payments being made to the wrong bank accounts, but not all banks have implemented this vital layer of security.
Previously, all banks processed online transfers using the account details only and took no notice of the name entered. This flaw causes misdirected payments if people accidentally enter the wrong digits and can be abused by criminals who impersonate trusted organisations to trick people into transferring money directly into accounts they control.
You can still choose to ignore these warnings and authorise the payment regardless, though banks make a point of stating that you do so at your own risk. CoP checks payments using the Faster Payments system including standing orders and CHAPs high-value payments , whether they are made online, via your mobile banking app or in a branch. The most obvious benefit to CoP is that it significantly reduces the risk of you making a bank transfer to the wrong account.
We hope to see this figure drop when we ask again next year. Banks and building societies who offer Faster Payments must follow the credit payment recovery process if you do make a mistake, by contacting the receiving bank on your behalf within two days of you reporting the mistake. It is hoped that CoP will also protect people from losing money to bank transfer fraud , also known as authorised push payment APP fraud.
Monzo and Starling were the first banks to sign up for CoP voluntarily. Revolut - an e-money firm - started offering CoP checks in January Metro Bank and Virgin Money still do not offer CoP, even though this would help protect their customers from sending money to the wrong account.
In November , Which? Money discovered that certain Starling customers had missed out on these checks for an entire month following a system update. The biggest threat to banking security comes from using a compromised device. Although phones are more easily lost or stolen, apps are in some ways safer than using a computer to log in to your bank account.
This is because apps in the official app stores are vetted by Apple and Google, whereas PCs can run software from any source.
It's also more difficult to plant a keylogger in an Android or iOS device software used to track every key you press and potentially steal usernames and passwords. But, thanks to competition from innovative mobile-only banks Monzo and Starling, many high street banks have started to improve app security features:. Smartphone users tend to keep their devices with them, so it's a quick way to contact your bank if something goes wrong. Instant card freezing, where you can temporarily block your card in-app without having to call or visit a branch, is now offered by all of the banks we tested except The Co-operative Bank, TSB and Virgin Money.
Monzo and Starling are the only current account providers offering real-time notifications - meaning customers get alerts via the apps every time a payment comes in or out. These notifications make it much easier and quicker to spot fraudulent transactions. High-street banks are working towards this, for example, Barclays alerts mobile banking app users to large credit or debit payments and overseas payments. But most are a way behind the digital challenger banks. Find out more: challenger banks - we review the new wave of mobile-first banking brands.
Telephone fraud, or vishing, is particularly sneaky. They may use cheap software to make the call seem legitimate, for example, number spoofing software displays false caller-ID information to trick you into thinking that their number belongs to your bank or another legitimate business.
This software is used by legitimate businesses - including the Which? Tech Support team and many IT support firms. But criminals abuse accounts to hack into email and bank accounts. Call-blocking services and phones offer some respite from unwanted calls but the easiest way to stay safe is to hang up and call back on a phone number you trust such as the number your bank provides on the back of your debit card.
Stay one step ahead by learning these seven ways to spot a scam and follow these ten tips to keep the cash in your bank account safe:. You have money questions. Bankrate has answers. Our experts have been helping you master your money for over four decades.
Bankrate follows a strict editorial policy , so you can trust that our content is honest and accurate. The content created by our editorial staff is objective, factual, and not influenced by our advertisers. We are compensated in exchange for placement of sponsored products and, services, or by you clicking on certain links posted on our site. Therefore, this compensation may impact how, where and in what order products appear within listing categories.
Other factors, such as our own proprietary website rules and whether a product is offered in your area or at your self-selected credit score range can also impact how and where products appear on this site.
While we strive to provide a wide range offers, Bankrate does not include information about every financial or credit product or service. This content is powered by HomeInsurance. All insurance products are governed by the terms in the applicable insurance policy, and all related decisions such as approval for coverage, premiums, commissions and fees and policy obligations are the sole responsibility of the underwriting insurer. The information on this site does not modify any insurance policy terms in any way.
More bank customers discovered they like the convenience of mobile banking as branches temporarily closed during the pandemic, and evidence suggests the behavior stands to stick. A survey released in mid-May by bank technology provider FIS found that 31 percent of banked respondents intend to do more online and mobile banking in the future.
But is this a safe way to conduct bank business? One of the benefits of using mobile banking is to make life easier because it can be used practically by customers to pay bills, transfer funds, check balances, make deposits, and other transactions.
All these activities can be done through a banking application installed on the smartphone without the hassle of coming to the bank, which is usually full of queues. Along with technological advancement, mobile banking services also allow customers to conduct banking or financial transactions more broadly.
Besides facilitating public utility bills payment such as electricity and water, the mobile banking service can also make it easier for users to pay for many other things. Some of them are their travel ticket bills, make donations, top up the electronic money, to settle the purchase of investment instruments such as mutual funds and Government Bonds.
Before digitization developed rapidly as it is now, mobile banking services were less attractive to many people. There are always reasons to avoid using this banking service, ranging from being reluctant to learn more to doubting the security of the service. In fact, using mobile banking services can be a safer option than having to go to an ATM or bank to make a transaction. Hands down, this is one of the top recommendations from security experts. Tied to that, never, ever, use public wifi to access your banking services.
I spent a bunch of time researching VPNs earlier this summer. There are some exceptions to this, but in general, bigger banks will have better mobile apps and stronger security on them. Look for two-factor authentication in your financial apps. Although some mobile phone users are using face recognition or eye scans, more apps are likely to require this in the future. Biometrics is one example of a two-factor authentication method.
0コメント