After the hacker attacks to Citibank Online in the U.S. who stole about 200,000 customer data, then all banks should review and improve their security systems. This call is not only for banks in the U.S. alone, but all banks in the world.
The tight and strong security system will make people more confident to entrust their money to the bank in the form of savings or investments.
However, if the security system is too tight, it could be make the customer feel discomfort or troublesome.
This makes banks must find practical ways that do not reduce the comfort, but keep it safe from hacker and unauthorized access.
Secure Online Access
Almost all banks now allow customers to access their accounts via the Internet or mobile devices. In this way, they do not have to go to the nearest bank branch or ATM and do not bother to jump through a lot of security hurdles in order to confirm their identity.
Direct hacker attacks to Citibank Online is the largest attack to bank to date. This makes all banks must strengthen the authentication when customers log into their account.
Avivah Litan, Gartner Research analysts said that banks should apply more stringent security measures, such as using security tokens and educate customers to use a secure internet browser if they want to access online banking services.
When logged in, security token requires customers to enter a line of number every few minutes along with a PIN to verify their identity.
Online Banking Direct Attacks
About the recent Citigroup incident, Litan said,
"Up until now the banking industry has really been untouched in terms of attacks, from what we know, beefing up security would be cumbersome, she added, but unavoidable given the need to secure payment systems. The Citi breach, coupled with other recent incidents, adds up to a really bad picture."
Almost all banks so far have a good record in protecting data and transactions from hacker attacks. It means, most banks have better security system and protection compared to other companies / retailers.
However, according to David Robertson, publisher of The Nilson Report who follows payment industry said that the bank might not be able to avoid all types of fraud, because the cost to strengthen the security system has not in accordance with the potential customer savings / investments.
Direct attack to online banking lead to a greater threat, because hackers are trying to steal large data in short time. "The potential for fraud in an online banking environment is monumentally different than with payment cards, " Robertson added.
The Scary Thing
Citibank is one of reputable banks that has invest a lot of money to develop a good security system, but it still can be breached by hackers. This is the scary thing.
Usually the target of hackers and cyber criminals are a retailer or third party companies who cooperate with the bank. Most retailers is not yet implemented a good security system, so it is rather easy to be hacked.
Instead a report on the security breach in the banks are very rare. If security breach occur at the bank, there is a big negative impacts as they will face a major consequence of the loss incurred in terms of financial, reputation and public trust.
Improve System Security & Perform Penetration Test
There will be more hackers to perform security breaches to online banking / online financial services. Therefore, each banks and financial companies must quickly and accurately improve their security system to protect against hackers and unauthorized access.
Perhaps it's also a good idea to hire a reputable security company that can be trusted to perform endurance test and penetration test to see how strong the security system on the bank.