Featured Savings Rates

Popular Posts

Featured Accounts

Preventing Online Bank Fraud


There's an excellent commentary at InformationWeek on the new federal regulation that's intended to reduce online bank fraud. Earlier this month, a federal bank regulation group gave banks until the end of 2006 to implement two-factor authentication. For online banking, two-factor authentication would likely include both a login-id/password (something you know) and a hardware token (something you have). An example of a hardware token is the RSA SecurID Token. One example of a bank that uses this is AmericanBank Online (token picture shown). This bank offers the token free for its personal banking customers. There are also other ways to implement two-factor security such as software tokens.

The InformationWeek article gives several downsides about this two-factor security regulation. It'll be expensive for the banks and consumers. It can also be an inconvenience for consumers who may have to carry a hardware token for every financial institution they do business with.

The article provides both sides of the debate on whether this extra security will help. On the one side, the crooks will just get more sophisticated to get around the new security. On the other side, it will be much more difficult for crooks, and they'll likely spend their time on places that lack this new security. Also, this can reduce the password black market since stealing passwords won't be useful without the tokens.

In my opinion, the extra security is worth the cost and inconvenience. Some criminals will still be able to find holes, but this has always been true in all aspects of life. We still have locks for our homes and cars even though they don't stop a determined thief. The locks are cheap and reduce the likelihood of break-ins. Similarly, the hardware and software tokens are not really any more expensive than ordinary locks and can reduce the likelihood of crooks breaking into our bank accounts.