Join the Business Community

Dynamic Business

Dynamic Business Magazine – Articles from Australia
It’s so interesting to explore the possibility of finding like-minded people using social networking. Yiying Lu ...read more
default image

Email to a Friend
Published | July 30, 2008
Comments | None

How to bank safely online

There are many benefits of online banking for SMEs, but don’t rely only on your bank’s online security systems. Here’s a guide to DIY banking protection, so you can bank safely online.

While personal banking has largely moved online, many smaller businesses still don’t take up all the advantages of online banking and undertake some form of physical banking at a branch, usually to bank cheques received for payment of services.

However, the growing use of payment by credit card, BPay, PostbillPay, and even the simple online bank account transfer, means that manual cheque receipting and deposits are becoming less and less common.
Electronic banking saves time and money by: automating processes such as payroll and supplier payments; making transfers of funds between accounts easier; reducing transaction fees and other costs such as postage; allowing the movement of funds into a higher interest account and quickly transferring amounts when needed; providing more timely access to records rather than waiting for monthly statements; and providing the ability to download statements to accounting software.

But such efficiencies shouldn’t be at the cost of maintaining the security of the business’ banking process. It is essential for all businesses transferring manual tasks to electronic banking to look at the controls in place and at ways of transferring them, or their equivalent, to the new system being introduced.
The security steps taken under the traditional cheque payment/banking system include:

  • Not pre-signing cheques.
  • Crossing cheques as ‘not negotiable’.
  • Putting cheques in the mail in a plain not window-faced envelope.
  • Keeping the chequebook in a secure place.
  • Always using a pen, not pencil.
  • Having co-signatories in larger organisations.
  • Not going to the bank at the same time every day.

So, in the past, making payments by cheque meant that only one or two people within the business, who were authorised signatories, could make the final payment. Businesses now using e-banking in place of cheques to make payments should only give e-banking password rights to those people who had cheque-signing rights.

Other checks and controls might not seem as easily transferable, particularly as the technology seems to change so rapidly.

Online Banking Security Checklist

When electronic banking was first introduced to businesses, it was usually through bank-specific software being installed on the computer system. Many businesses still use this type of software to process payrolls and batch creditor payments. Transactions are entered, authorised, and sent direct to the bank via direct-modem connection, rather than over the internet.  The security for this software is controlled by the software itself and the access for authorising transactions is provided to specific users by the bank.

Widespread use of the internet has broadened the means by which businesses can transact; not just with the bank, but also with their customers and suppliers. For example, credit card payments can now be processed via an internet site without the need for a terminal.

To make online business banking a safe experience, business owners can take a few simple steps:

Ensure the bank’s website is secure. Banks have a very high stake in making the online banking experience as safe as possible. After all, the more customers use online banking rather than branches, the lower their overheads. So they have spent a lot of time and money putting systems in place to make online banking secure.

A bank’s website should disclose the security methods it uses to protect customers’ data. Business owners should ensure their bank is using high-end encryption and that the user interface is a secure website. This means that the data being transferred over the internet is scrambled and only the intended receiver can use it. A secure banking site can normally be identified by a closed padlock icon on the bottom right hand corner of the browser and “https://”, rather than “http://” in the address bar.

Introduce multiple methods of authentication. Unfortunately, a secure website doesn’t rule out the possibility of online hackers intercepting passwords with a method called keystroke logging. This means that hackers can record the letters on the keyboard that are pressed when someone enters their password to access their banking system.

And so, many banks will also provide their business clients with a second layer of security. This additional security may be in the form of a series of passwords; two-factor authentication; or the use of digital certificates.

In its simplest form, a series of passwords makes it more time-consuming and more difficult for hackers, thus discouraging them. It is also possible to have two passwords so the security software uses random parts of each password at the start of an online session. This randomness provides an added dimension to the security.

Two-factor authentication commonly refers to a two-step login/authorisation process. For example, an electronic security ‘token’ is linked to an individual’s login ID and password. When activated, the token generates a one-off password, using a random algorithm, which is used as the second level of proof of identity.

A digital certificate is attached to an electronic message and used to authenticate transactions on the internet. It is an electronic ID which verifies that the sender of a message, or bank transaction request, is who they claim to be, and provides the means by which transactions can be encrypted and decoded only by the issuers and applicants of the certificates.

Change passwords regularly. While the security measures provided by banks may help protect their online banking clients, there is still much more the individual can do.

Use the security features of the banking software. If it provides the capacity to change passwords on a regular basis, take advantage of this feature. It may seem like a painful exercise to be asked to change a password in the middle of authorising a transaction, but keep in mind that it will help ensure the security of transactions.

Got something to say? Join the small business forum here at DynamicBusiness.com.au.

Pages: 1 2

Subscribe to DynamicBusiness.com.au

Subscribe to the Dynamic Business eNewsletter to keep up to date and receive amazing deals to help grow your business.

Related Articles

No Photo
Carolyn P
Carolyn P has written 1 articles for us.

Comment



Need a Gravatar (the image next to your comments)? Visit Gravatar.com