Home > Consumer Protection > Consumer News & Information > FDIC Consumer News |
|||
FDIC Consumer News
Winter 2005/2006 Coming Soon to Internet Banking Customers: New Procedures for Verifying that "You are You" The latest in the federal government's fight against online fraud
FDIC Consumer News has warned readers for years to be on guard against fraudulent e-mails and Web sites that try to trick you into revealing confidential information, such as bank passwords, that can be used to steal money from accounts. Now we want to let you know about new recommendations from federal regulators (including the FDIC) intended to help banking institutions differentiate their true customers from fraud artists and to help Internet users recognize real bank Web sites from fraudulent sites. In general, the guidelines — which are based in part on an FDIC study released in December 2004 — recommend that each federally insured bank, savings institution and credit union do the following by year-end 2006: Analyze its Internet services in terms of the potential for fraud or theft. Some bank Web sites only provide details such as branch locations and interest rates on products, which are low-risk activities. But Internet-based banking services that can move money out of accounts or permit Internet users to access confidential information (such as Social Security and bank account numbers) are considered at high-risk for attempted fraud or identity theft. Ensure that high-risk Internet services are protected by more than just passwords. Possible options include low-tech solutions, such as the use of questions and answers that only your bank and you know, and "scratch cards" with special passwords that are provided to account holders for one-time use. However, there also are high-tech identification programs that include special devices, such as: If your institution adds new authentication methods for certain Internet products or services, your bank will notify you, perhaps in your monthly statement or in an e-mail. But what if your bank doesn't tell you about any enhanced security measures? "It may be that your bank already uses enough other ways to authenticate you as a customer, including some behind the scenes," said Michael Jackson, an Associate Director of the FDIC's Division of Supervision and Consumer Protection. Possible examples, he said, include systems that enable a bank to confirm that a request is originating from your home computer and not someone else's, and maximum dollar limits on certain transactions that need special approval to be done online. Jackson also noted that federal examiners will review each institution's assessment of its online banking risks as well as the security measures in place to make sure they satisfy government guidelines.
|
|||||||
Last Updated 02/02/2006 | communications@fdic.gov |
Home Contact Us Search Help SiteMap Forms Freedom of Information Act (FOIA) Service Center Website Policies USA.gov |
FDIC Office of Inspector General |