Home Retail banking Customers Online banking Internet security  


21 may 2003

Internet security

The findings of a working group which brought bankers and security specialists together within the FBF were compiled in the Banking Information Centre's Mini Guide N°4 on best practices in terms of security for Internet transactions, at the level of both banks and customers.


Best practices for THE BANK

Facilitate access and transactions: offer 24/7 access where possible; provide details of all transactions online; offer an acknowledgement of receipt for all Internet transactions; request confirmation before registering orders.

Ensure a high level of security: make access secure, at least with a user name and password; allow customers to change their password at any time; allow customers to block their access to the service; offer a secure transmission system; display the date and time of the last connection; advise or even require the use of a browser with an adequate level of security; display a button to exit the online banking service on all pages; automatically disconnect if no transaction has taken place.

Describe the functions and uses: offer an online presentation of e-banking services; indicate the means and terms of access to online banking helpdesk; present the site's security policy.

Present the possible courses of action in case of dispute: explain procedures; undertake to refund any transaction wrongly debited to the customer's account, following investigation.

Best practices for THE CUSTOMER

Safeguard PIN code: keep PIN in a safe place; do not save it automatically on the computer; do not record it where it is easily visible; do not give it to anyone; change it immediately upon registration with the service, then change it regularly; do not use an easily identifiable PIN.

Take necessary precautions: use the manual disconnect buttons immediately following consultation rather than wait for automatic disconnection; be particularly careful when using any self-service PCs (see the special recommendation below); use a regularly-updated anti-virus tool; take appropriate measures for computers with permanent internet connection.

Inform the bank of any irregularities: immediately inform the bank of the loss or theft of information enabling access to the online banking service; regularly check your accounts; immediately inform the bank of any irregularities.

Stronger precautions for users of self-service PCs, which may store information even after you have logged out.

Top of the page