VOL. 128 | NO. 160 | Friday, August 16, 2013
Banks Step Up Barriers Against Hacking
By Andy Meek
There’s an urban legend about a famed bank robber who, when asked why he targeted banks, answered matter-of-factly, “Because that’s where the money is.”
The same principle applies in the digital age of banking. Hacking and cyber theft are on the rise, and banks and their websites, mobile sites and smartphone apps increasingly are targeted by crooks because, well, that’s where the data is.
Susan Dupree, vice president of digital strategy for First Tennessee Bank, said First Tennessee is getting ready to launch a public awareness campaign about security issues relating to mobile devices. That campaign will kick off in the next month or so, and it will focus on informing customers how to keep their banking data secure on devices such as smartphones and tablets.
People tend to stay logged in to bank sites and apps on their mobile devices, meaning if their device is ever lost or stolen, they could be at risk of losing sensitive personal and financial data.
Dupree said First Tennessee also recently added multi-factor authentication to its arsenal of security tools.
“That means, for example, any time somebody changes their information when they bank online, we send them a text with a code that they type in,” she said. “It makes it so that someone who may have your login information can’t change anything in your account without also having that code that was sent to you as a text.”
The danger posed by hackers is a constant worry for local banking executives. Steve Weaver, regional bank president for the Memphis area for First State Bank, said his bank is constantly taking a fresh look at network security and fraud detection and prevention.
“Bank customers are increasingly dependent on mobile applications, and we want our customers to have peace of mind while using these enhancements such as our mobile check deposit and iPad app,” Weaver said.
Some industry professionals warn that there’s no ring fence that can be erected that is guaranteed to keep hackers away. One information technology professional, for example, told The Daily News there are two types of people in the world – those who have lost data, and those who will lose data.
Magna Bank is another local financial institution that recently rolled out multifactor authentication. Now, if a customer logs on to Magna’s mobile-optimized website for the first time, for example, they’ll be prompted to receive a code via either text or a phone call.
That lets Magna know the customer is who they say they are before Magna proceeds to let them go further.
“It’s a constant battle,” said Steve Crocker, senior vice president of information technology for Magna. “It’s a matter of building in layered controls so that if one is bypassed then another one kicks in to mitigate it. This is not a new thing. This is what we’ve always done. We’re only increasing now what we’ve always done, partly because mobile access is an area that’s become so widespread.”
Banking officials like Crocker say the problem is heightened by a duality of customer expectations banks have to accommodate. On one hand, customers expect convenience – in the form of things like an easy-to-use website and mobile device capability. On the other hand, banks have to ratchet up their ability to keep those offerings secure, even while making them more widely available.
“There are a lot of bad guys out there,” said Triumph Bank CEO Will Chase. “There seems to be a lot of people who sit around at 2:30 in the morning trying to figure out how to do bad things, and the problem is most of us are all asleep then.”