Securing Your Online Transactions

“ Banking  is necessary but  Banks are not.”  These words from  Mr Bill Gates , Chairman Microsoft  is a true indication of the way in which banking  habits of people has transformed over the years.

Technology has definitely changed the way people has been doing banking.  Gone are the days when you had to visit the branch premises, wait in long queue  for depositing and withdrawing money, hand over the pass book at the counter for updating and come back on third  day for collecting it. Now,  be it  making payment to service providers or transferring funds or booking movie/  travel tickets,   it is all at  your finger tips. You can  execute any financial transaction sitting at the comfort of your  home or office.  It was foreseeing this that Bill Gates had mentioned that  banking is necessary but banks in the physical form  is not required.

Online banking though provides  a whole lot of comfort in terms of timing and place of transaction,  it equally  poses challenges also , if adequate care is not taken while transacting.   The number and quantum of online financial frauds have been steadily increasing. In almost all the cases  it has been the lapses on the part of the customers that has helped  perpetuate the crime.  When you physically  deal with a bank , bank takes care of a whole lot  of  your security requirements . But when dealing online the responsibility of securing the  account and transactions becomes  very much on the  customers. Here are certain tips that will help you secure your online transaction.

Never respond to emails that request personal information
The first and foremost thing you should always bear in mind while transacting online is that  your bank  would never ask for your personal details through an email. The bank would also not   ask for your password through any  other means, phone, fax or in-persons. Even if  any of  the  bank personnel asks you for your password,  please do not disclose it and report about the incident immediately to the higher officials of the Bank.

Maintaining secrecy of your password  
When you create your password, make it  sufficiently  long. Include at least one capital letter, one numerals (0-9) and one special character (like @,  $,   etc). This makes the password very difficult to crack.  Do not use your personal contact details , personal numbers like   PAN number , Aadhar number ,  names etc  as  Personal Identification Number (PIN), user ID or password. It is always better to keep  changing  the passwords often . This will helps in protecting your account even if inadvertently you may have disclosed  the password  to someone.

Limit the amount of personal information you provide on social networking sites. The more information you post, the easier it may be for a criminal to use that information to steal your identity, access your data, or commit other crimes.

For the first time you login to your internet banking account, you will  have  to use the password provided by the bank. However, you should  change this password  immediately in order to keep your account safe. Never let anyone know your PINS or password and never write them down or  use your mobile device to store sensitive personal information or bank account numbers. Also remember never to use the same  password for  two  online accounts.

Keeping your computer secure
Keep your computer operating system and browser up to date with the latest software and security downloads. Don’t open attachments or install free software from unknown sources. This may expose your computer and the information on it to unauthorized sources. Install a comprehensive Firewall/Antivirus/Anti-spyware software package on your computer. These software suites help detect and remove viruses and spyware, which can steal vital information. It is very   important, particularly for users with a broadband connection, to install a firewall. This will help keep the information on your computer secure while blocking communication from unwanted sources.

PCs at cyber cafes may be infested with viruses and Trojans that can capture and transmit your personal data to fraudsters. The easiest way to grab information is key logging software, which record all the keystrokes you typed, to be retrieved later for fraudulent usage. Beware of typing passwords on unknown PCs. It is equally important that you disconnect the internet connection when you are not using internet.

Ensure  the website you are visiting is secure
It is a safer to type your bank URL in the address bar of the browser than clicking on links given in an email. There are instances of fraudsters sending emails with fraudulent websites links that are designed exactly like the bank’s original website. Once you enter your login details on such a website, they may be used to access your account and steal your money. Before submitting your bank details or other sensitive information, if the address bar is visible   ensure that the  URL starts  with ‘https://’ (‘s’ for secured) rather that the usual ‘http://’.  If the address bar is not visible, look for a lock icon on the browser’s status bar. You can check the level of encryption, expressed in bits, by hovering over the icon with your cursor.

When you are logged into your bank’s website , it is better to have all  other browser tabs and applications closed.  If you open a malware infected email while you’re banking, a hacker may be able to capture your keystrokes as you log into your bank or they might take over your session entirely.

You should always log out of your bank’s  website when you have finished with your transactions. Not logging out of your bank’s website  may put you at greater risk for session hijacking and cross-site scripting exploits. It is always better that you  clear your browser cache after you  have completed the transaction.

Setting up activity notification
Many banks have been providing SMS  or e-mail alerts to customers as when any transaction in the account happens. Such alerts help in obtaining information of fraudulent transactions immediately.  Most of the banks offer this facility free . Even if the same is chargeable , this  facility provided by banks should be used.  Customers should also check the  account after making any transaction online.  This will help to ensure that  the right amount has been deducted from the  account.

Jiz P. Kottukappally. The author is  working as Asst General Manager, Catholic Syrian Bank and the views expressed are the personal opinion of the author. Author can be reached at jizpauls@gmail.com