In recent years, I’ve seen online banking become more and more popular because it’s convenient, user-friendly and tech savvy. So many folks are ditching ATM deposits for mobile check deposits and checkbooks for easy-to-use apps that allow them to check their balance or even use their phone to make payments. But with cyberattacks seemingly on the rise, you might be wondering: Are online banks safe? I can help shed some light on the topic.
Online banks take lots of precautions to help you stay safe, and you can take some smart digital steps that don’t require much time and effort to go the extra mile on your end too. Read on for some tips from me and my team on how to keep your financial identity secure while your bank account is at your fingertips.
First, what is an online bank?
Online banks — also known as virtual banks and internet banks — operate primarily on the internet without branches. While you won’t meet a teller or banker face-to-face as a customer of an online bank like Ally Bank, you can access and manage your account anywhere, at any time, with your mobile device or computer.
Compared to their traditional counterparts, online banks typically offer more advanced tools, apps and features that help you manage your money on the go. And because they have lower overhead (no physical branches!), they tend to offer higher interest rates and charge lower fees than brick-and-mortar banks.
Are online banks safe to use?
We’ve all read the reports of hackers and data breaches in the news. These highly publicized cyberattacks may have you concerned about the safety and security of online banking transactions. It’s true that hackers attack online banking websites (for both full-service online banks and traditional brick-and-mortar banks that offer online services), but it’s a myth that online banking isn’t as safe as traditional methods of banking.
How could both of these things be true? This new reality of cybercrime has required many banks to implement the latest advanced technology to combat fraud and scammers on a whole new level — meaning banking online doesn’t necessarily increase your financial risk whatsoever.
Since online banks are primarily virtually based, they offer cutting-edge technologies like automatic fraud detection, AI-driven security, and digital encryption that make them just as safe (if not safer) than traditional banks.
Remember, your participation is also key in avoiding fraud. Being vigilant and street-smart about how you communicate with your bank and protect your personal information can have a great impact on reducing risk in your digital banking experience.
5 Expert Tips to Stay Safe While Banking Online
Online banking is generally very safe, but you can also further protect yourself — and your finances — with these cybersecurity tips:
1. Choose your online network wisely.
Hackers exploit the vulnerabilities of public wi-fi. If you’re on a shared network (like at a coffee shop, library or gym), your information is in more jeopardy than using your home network. That’s because most of these wi-fi networks lack necessary security measures, have poor router configurations and typically have weak passwords.
It’s best to avoid online banking or conducting any other activity that involves sensitive data on a public wi-fi network. If you’re out and about, use your cellular network instead to access your online banking account. It’s not fail-safe, but it’s much more secure.
2. Strong codes, passwords and two-factor authentication make a difference.
Always secure your device and applications with at least a complex key code (something better than 1, 2, 3, 4). Most mobile banking apps provide integration with your smart phone’s biometric authentication, such as Face ID or Touch ID, which is considerably more secure than a simple key code.
Also, elect for additional authentication, if it’s not already there by default. All online banks like Ally Bank have 2-step or 2-factor authentication built into their security solutions, but it’s still smart to enable multi-factor verification in other apps you use where this feature is optional, especially your personal email account, financial management and planning websites/apps, and any digital interaction you have that stores your personal information, payment methods or value (such as retail accounts, gift cards, etc).
Multi-factor authentication is typically an extra piece of information, such as unique codes that are sent to an account or device that only you can access. This is typically done via SMS (text) or email, or through push notifications within your mobile apps. These protections add another layer of security that is very difficult for a cybercriminal to replicate to gain access to your accounts, but they only work if you keep all your devices, email accounts and applications safe with strong passwords and multiple layers of control. Throughout the industry, customers are routinely victimized by fraud because they do not protect their devices and email accounts adequately, so this is a relatively simple step you can take for your own protection.
3. Keep authentication codes secure.
When it comes to receiving authorization codes, not all methods provide the same level of security. Having a code sent to your email is often the least secure because most people do not secure their personal email properly (as mentioned in the previous tip). Instead, opt for push notifications in your apps (when available), as this is the most secure option. Otherwise, SMS (text) provides better security than email for most people. And again, regardless, you should be protecting your email accounts with the same rigor as you do your financial accounts. Consistent with the industry, Ally Bank has recently made changes to discourage the use of email for receiving codes. If you currently do not use SMS or push notifications to receive authorization codes, now is the time to set that up.
4. Avoid responding to suspicious emails, texts or phone calls.
Many customers are victimized across the industry every day by fraudsters calling and pretending to be their bank. They can even “spoof” the bank’s phone number, so it looks like you’re getting a call from the bank’s legitimate phone number. Oftentimes they have studied how the bank’s agents talk to customers, down to using specific scripts and tone to reflect the brand appropriately. These fraudsters also emotionally manipulate victims by claiming to be responding to urgent fraudulent activity on the account.
Even if a call or message appears to be from your online bank, don’t answer or respond if it at all seems suspicious. Alternatively, let the caller know you are going to hang up and call the bank back directly (via the contact number listed directly on the bank’s website) to continue the conversation, just to be safe. Or, in the case of an email or text, don’t click on any links within the correspondence. Instead, go to the bank’s website and double-check its contact information.
Additionally, scan for grammar errors within the body copy of texts and email and examine all hyperlinks for irregularities — all of these can be tell-tale signs of a cybercriminal at work. For instance, a criminal might entice you to click on a link to “ally.com” where they have replaced the “L’s” with “1’s” (a11y.com), and you may not notice without very careful inspection, especially depending on the font being used by the criminal.
To always stay one step ahead of would-be fraudsters, check out our roundup of the best tips to help protect you from cybercriminals.
5. Sign up for fraud alerts.
Most banks, including Ally Bank, allow you to set up suspicious activity alerts online or through their mobile app. In the unlikely event a fraudster gains access to your online accounts, you will receive an alert via email or text informing you about any questionable transactions, including large withdrawals, account closures and fishy login attempts.
You can also choose to receive alerts on your credit and debit card activity to keep an eye on those accounts too.
Is Ally Bank safe?
Keeping your accounts and personal information secure is a top priority for us — especially for those of us on the fraud and security teams. Our approach protects you with a layered strategy, which is constantly being updated to protect customers from the latest threats.
At Ally Bank, we guarantee that you will not be liable for any unauthorized online or mobile banking transaction as long as you report it to us within 60 days from when your statement is made available. Check out our online bank account options.
This way, you can feel safe banking on the go — whether checking your balance, paying your bills or sending money to a friend — whenever and wherever is convenient for you.
Want more fraud prevention tips to help keep you safe?
Jeff Kearney, CFE, CAMS, is the executive director of enterprise fraud, security and investigations at Ally, responsible for leading the company’s approach to fraud-fighting and prevention. Jeff works to create partnerships with teams across Ally as well as external vendors and law enforcement in order to stay vigilant and current on all fraud and security matters. Jeff has a long background in fraud and security, previously holding the position of chief security officer at GMAC Insurance.