|
Your Users' Responsibilities
Educating Internet Banking customers about the risks and the precautions they should take is a daunting task - it simply assumes too much technical knowledge for many people. However, to help customers maintain the security and privacy of their account information, irrespective of any other security measures introduced by the financial institution, users should always be advised to:
- Protect the secrecy of their Password;
- Use a password that is not a simple numeric sequence, or the same as their membership or client number or birthdate;
- Change their password regularly;
- Always log-in to Internet Banking via the Institution's main website URL (making it easy by adding this site to their browser's list of favourites);
- Check the last login time and date displayed when they login;
- Verify that they are connected to the Institution's "trusted" Web server by checking the Secure Certificate details - not just looking to see if the lock symbol is displayed;
- Log-out promptly when they have finished using the system;
- Not use publicly accessible kiosks or Internet café PCs;
- Keep their PC system up-to-date and virus free;
- Use a 'firewall' to protect their computer from unauthorised access over the Internet if they are accessing the Internet through an "always on" broadband connection (ADSL, Cable, etc.);
- Promptly advise the Financial Institution of any problems.
In addition, it is prudent to advise customers to develop their own email policy such as:
- Only click on a link in an email if you are absolutely certain that it is from a reliable source. Do not click on emails where you do not know the sender or source and don't be duped by great offers coming through email. Also, think twice about forwarding an email with a 'great offer' to a friend/relative.
- Avoid opening suspicious or dubious emails or attachments, even if the email is from someone you trust (the email and attachment could have been forwarded automatically without the person's knowledge).
- You should not reply to 'spam' emails or emails where
you do not know the sender or source - it simply confirms
that your email address is valid and you may receive further
emails from them. You should simply delete the email.
- If you receive a suspicious email from any financial institution contact the relevant financial institution directly. Do not act on the instructions contained in the email.
It is now also general policy to let your
customers know that you will never send them an email asking
them for Internet Banking login details or credit card details,
and will never send a link to an Internet Banking logon page
via email. Unfortunately, this restricts some of the power
and usefulness of your Internet presence. As an example, it
has the awkward consequence of limiting the use of email as
a monitoring tool to confirm financial transactions, or for
advice to the customer that a statement (or bill) has arrived
for viewing.
For further information or questions about any of these issues please contact Swift Call. |
