Wednesday, July 30, 2008

What banks can do and why that would help their customers

Currently, banks have a difficult time educating their customers about what is safe to do and what is not safe to do when attempting to interact with their bank. If banks do some simple things, it could help simplify the message to customers. Here are the policies that banks could use:

  1. Use SSL to protect their entire site and deliver all content. EV SSL certificates may be even better. See the following article: 
  2. Use a single domain for all parts of the site that you are asking users to trust or interact with. For example, the login credentials should be on a page that clearly belongs to the bank. (Note: It is possible to do so while working with an external service provider by proper use of SSL certificates.)

Once most banks do that, the message to educate the customer becomes very simple. Here is the message to customers:

  1. Customer should ALWAYS check that the URL for their bank starts with HTTPS. Otherwise, assume it is NOT from the bank.
  2. Customer should always check the hostname in the URL is the bank's (show pictures to explain this). If it is not, assume the page is NOT from the bank despite the https.
We believe this simple steps can help make a dent in phishing and identity theft, saving banks a lot more money than spent on making the changes to be compliant with the above policies.
The changes should be simple to implement by your service provider and web master, but may require acquiring new certificates. It is all fairly standard technology.


loanmod pro said...

The tips provided here are not only beneficial for Banks but to customers as well. But the purpose of this would solve only then, if banks do follow these tips / suggestions
Wamu Online Banking

STD Area Telephone Dialling Codes List India said...

This is really a genuine topic you have raised and provided some tips to Banks. I am hopeful if these tips are followed then it would certainly help banks to improve their customer services.
Wachovia Online Banking

Anonymous said...
This comment has been removed by a blog administrator.
Anonymous said...

This is very interesting information. I agree with a lot of this content. I like this article very much and I have enjoyed reading your points of interest. Thank you.
Loola 2

Hoang Trung said...

Thanks for your post. Click to play
mr jump games
doodle jump
awesome run 2
Geometry Dash
vertix online