Online Banking Security: How To Protect Your Online Banking Information (2023)

Digital banking (online and mobile banking) makes managing finances easy. With digital banking technology, you can pay bills, deposit checks and transfer money from wherever you’re located. Due largely to their convenience, online and mobile banking are the two most popular ways to bank. More than three-quarters of Americans (78%) prefer to bank digitally, according to a March 2022 Ipsos-Forbes Advisor survey.

But how secure are online and mobile banking? And is your information safe?

While reputable financial institutions implement a slew of security measures, you can take some steps on your own to keep your financial and personal details out of the hands of hackers.

6 Ways To Secure Online Banking

It’s easy to protect your information while still leveraging the convenience of online banking. Use these six strategies to ensure you’re the only one eyeballing your balance.

1. Choose strong and unique passwords
2. Enable two-factor authentication
3. Steer clear of public Wi-Fi
4. Sign up for banking alerts
5. Be wary of phishing scams
6. Choose trustworthy financial apps

1. Choose Strong and Unique Passwords

Your password can create an opening for hackers, even if you don’t realize it.

Some common mistakes you may be making with online banking passwords include:

• Using personal information, such as your name, address or date of birth
• Choosing shorter passwords
• Relying on common words or simple number combinations
• Using the same password for multiple logins
• Not updating passwords regularly

Those things can make it easier to remember your passwords, but they make it easier for hackers to guess your password and access your online banking information. Here are some tips for creating stronger passwords for banking online:

• Choose longer passwords, such as a phrase rather than a single word
• Use a mix of upper and lowercase letters
• Include numbers and special characters
• Avoid common sequences, such as “1234”
• Avoid using personal information, such as your name, pets’ names, date of birth, etc.
• Don’t store your login details in your online banking or mobile app
• Don’t write passwords on the back of debit or credit cards or keep them in your wallet

Update your online banking passwords regularly. Change them every three to six months to lower the odds of your password being stolen or decoded by hackers.

And consider using a password manager to store and protect your passwords—and make using longer and more complicated passwords easier.

2. Enable Two-Factor Authentication

Two-factor, or multifactor, authentication can add a second layer of security verification when logging in to your online or mobile banking account. First, you enter your login name and password and then you have to pass a second security test.

For example, you may need to enter a special code, verify your account through an automated phone call, use biometric verification or identify an image. This makes it difficult for a hacker or identity thief to unlock your account, even if they have your online or mobile banking password.

Ask your bank or credit union if two-factor authentication is an option and how to enable it.

3. Steer Clear of Public Wi-Fi

Public Wi-Fi is convenient when you need to stay connected on the go, but you can’t count on it to be secure. According to NortonLifeLock Inc., the consumer cybersecurity provider, some of the most significant security risks posed by public Wi-Fi include:

• Man-in-the-middle attacks, in which hackers can electronically “eavesdrop” on your banking and other online activity
• Data transmissions over unencrypted networks
• Malicious hotspots
• Malware and spyware

It’s best to avoid using online or mobile banking when you’re on a public Wi-Fi network.

If you must access online banking or mobile banking with public Wi-Fi, here are some tips to stay secure.

• Disable public file sharing. Look up how to do this for your operating system.
• Stick with sites that are secure. Look for “https” in the site’s URL, which triggers the lock icon in your browser. Your laptop or mobile device’s firewall may automatically flag sites that are deemed unsafe.
• Consider using a virtual private network (VPN). This creates a private network that only you can access. You can set up a VPN through your mobile device or laptop using a VPN service.

4. Sign Up for Banking Alerts

Banking alerts notify you when certain actions occur. You receive near-instant notifications of any potentially fraudulent or suspicious activity. It’s often possible to receive email or text alerts for the following:

• Low or high balances
• New credit and debit transactions
• New linked external accounts
• Failed login attempts
• Password changes
• Personal information updates

If you get an alert and suspect fraudulent or suspicious activity, contact your bank or credit union immediately and change your online and mobile banking passwords.

5. Be Wary of Phishing Scams

Phishing is one of the most common methods identity thieves use to gain access to personal and financial information. This kind of scam usually involves tricking you into giving up your information.

Phishing scams can take different forms, but they’re often email or text scams. For example, you might get an email that looks like it came from your bank, telling you that you must log in to your account and update your information.

You click the link and log in to what appears to be a legit site but is a dummy site. Or, clicking a link downloads tracking malware to your computer, allowing identity thieves to log your keystrokes.

Either way, you’ve given up your login details without realizing it. For this reason, it’s important to scrutinize closely any emails that request financial or personal information.

Here are some tips for avoiding online banking phishing scams:

• Verify the sender’s email address. Call your bank and ask if it sent you an email. Verify the email address that was used.
• Hover over links. Hovering over a link inside an email can reveal where it will take you.
• Don’t share personal details. If you get an email from your bank asking for information, call your local branch or customer service to verify that it’s legitimate before sharing any details.

6. Choose Trustworthy Financial Apps

Financial apps, including mobile banking apps, can help with banking, paying bills, sending money and shopping. But they’re not equally secure.

If you plan to use your bank’s mobile app, make certain you’re using its official app. The best way to do that is to download the app from your bank’s website. If you’re downloading the app from the App Store or Google Play, verify that it’s legit by checking the developer details and reading reviews.

Consider which apps you allow to access your online and mobile banking details. For example, you might want to use a budgeting app to manage your money. These apps generally ask you to share your login credentials to pull information and create a financial picture, putting your data at risk.

Before downloading a financial app, check its ratings. Research the app’s security policies and look for past data breaches.

Is Online Banking Safe?

Online banking is a safe way to manage your money when your bank follows strict security protocols and you’re aware of how to spot potential security threats.

Banks utilize various security measures to protect customer information. Those measures can include:

• 128-bit or 256-bit data encryption
• Encrypted email messaging
• Automatic logout functionality for online and mobile banking
• Two-factor authentication
• Continuous account monitoring
• Electronic signature verification

Risks of Online Banking

Although it may be tempting to log in to your bank’s website or app from your phone while you’re out and about, using an unsecured network can have real consequences. Watch out for:

• Phishing. Phishing is a means of gathering personal information by posing as a trusted institution—like your bank. Fraudsters can contact you via email or SMS and make it appear as though the message is coming from your bank. Phishing scams ask you to input personal information like passwords or bank accounts into dummy sites that look like ones you have seen before. They use that information to steal your money or your identity.
• Viruses. If your bank doesn’t use secure software, you could be exposed to malware or viruses that can corrupt your computer or phone.
• Maintenance outages. If you rely exclusively on online banking, any potential outage, whether malicious or accidental, could leave you financially stranded.

Benefits of Online Banking

Although there are risks to banking online, secure digital banking has benefits that outweigh those risks. These include:

• Convenience. Being able to transfer money, deposit a check or view your balance before a big purchase is all easy with secure online banking. With appropriate security measures in place, you can plan your life on the go.
• Control. The idea of “banking hours” is obsolete when using online banking. You can deposit or transfer funds no matter what time it is. Some banks even offer around-the-clock online customer support through live chat or interactive FAQs.
• Security. Banking in person comes with its own set of risks that are eliminated with digital banking. You don’t have to worry about someone looking over your shoulder to see your account balance or overhearing details about your financial transactions.
• Accuracy. Working with a bank teller can sometimes lead to mistakes. Secure online banking lets you double-check every transaction, no matter where you are.
• Tools. Many banking apps offer location services to help you find the nearest branch or ATM. Sometimes also let you monitor your credit score from within the app.

What Is Data Security at Banks?

Data security refers to banks’ strategies to keep customers’ data secure. The primary goal is to protect any personal information from unauthorized access.

According to the American Bankers Association, a trade association for the U.S. banking industry, some of the most commonly used data security measures include:

• Multi-factor authentication
• Encryption
• Privacy policies and training
• Fraud prevention monitoring

Banks must report a data breach to regulators within 36 hours if that breach is likely to materially affect banking operations. The rule, effective in May 2022, is a joint effort by the Federal Reserve Board of Governors, the Federal Deposit Insurance Corporation (FDIC) and the Office of the Comptroller of Currency to enhance accountability in the banking industry. With this new rule, banks have an even greater incentive to take measures to protect customers’ data security.

Bottom Line

Online banking offers convenience and control over your financial life. You can mitigate the risks by being proactive and protecting your online banking information. Doing so decreases the odds of your information ending up in the wrong hands.

Frequently Asked Questions (FAQs)