and Other Financial Services
Over the last ten years or so, the world of banking and finance has slowly been changing. Banks have moved their services online and often closed high street branches. New online-only providers of banking and other services have entered the market.
New forms of payment have emerged using apps and smartphones, alongside banks’ own contactless payment cards.
In short, banking has moved into the digital age. Many customers, however, have been slower to embrace the changes. Rightly, not everyone is totally confident about security online, and some simply prefer to talk to a person. However, the coronavirus pandemic has hastened the move to digital because it has been hard to provide face-to-face services safely.
This page explains the changes, and how to stay safe in the new financial world.
A Regulated World
The banking sector—and indeed financial services more generally—is highly regulated.
Around the world, central banks (the Bank of England, for example, the Federal Reserve System or the European Central Bank) have placed legal requirements on banks and other financial providers. These requirements are designed to keep confidence in the sector relatively high.
They generally focus on making sure that the sector remains stable, so that people depositing money with banks know that it is safe in the event of a crisis. However, it is as much about perception as reality.
Examples of regulations include:
Banks are required to assure themselves that people are credit-worthy before they are provided with money through loans.
Banks have to hold a certain amount of money (capital) to cushion the effect of any financial crisis.
In the EU and UK, there is a guarantee that, even if a bank fails, all deposits under £85,000 will be protected.
Banks and financial providers therefore do not have full freedom to do exactly as they want—and nor would we wish them to have that freedom. However, this also means that there may be flexibilities that are unavailable to them. This may affect what products certain organisations can offer.
One regulation that will have a major impact on the financial world is the EU’s new Payment Services Directive (known in the sector as PSD2). This regulation improves the security requirements for banks, so that customers can be more confident that their personal information will be safe. The Directive also opens up new options for payments by requiring banks to make information available to payment services providers on request from customers. This should mean that customers are able to use new payment providers with increased confidence in security.
What all this means is that banking and financial services customers should feel confident in using financial services. Regulators have taken action to make them as safe and secure as possible.
However, regulations are not designed to protect you from poor decision-making.
In other words, we all still have a part to pay in making sure we are safe online—from checking before making payments to not disclosing our passwords.
For the purposes of this page, we define online banking as using services provided by a high street or online-only bank. This might include opening an account, paying in or withdrawing money, and making payments to another person or organisation.
Banks have made huge efforts over the last few years to deliver secure online banking services—backed by increasing regulatory requirements.
For example, the new Payment Services Directive requires a two-factor authentication, which many banks have been using for years.
What is two-factor authentication?
Two-factor (or multi-factor) authentication is the use of two (or more) factors to give users access to their accounts. This usually means a combination of:
- Knowledge – something only the user knows, like a password;
- Belongings – something only the user owns, such as a smartphone or an identifiable card-reader; and
- Intrinsic information – something that is an integral part of the user, such as their fingerprint or iris pattern.
Triple-factor authentication is the most secure, but even two-factor is better than one. Many banks have been using two knowledge-related factors for some time (for example, a password and a piece of memorable information, However, the regulations require them to use two different classes of security. A bank card and a personal identification number (PIN) is an example of two-factor authentication. Others might be a password entered from a ‘trusted device’, or a fingerprint scan combined with a personal identification number.
This move to increased security is positive. However, banks were the targets of almost half of all data breaches in the financial sector in 2017—and criminals are always looking for new ways to attack. Banks therefore need to work to stay ahead.
Staying Safe While Banking Online
Your bank is therefore taking action to try to keep your safe. However, you also have a responsibility. There are several things that you can do to keep yourself safe. These include general things, like always keeping your anti-virus and anti-malware protection up-to-date
For more about this, see our page on Protecting Yourself in the Digital World.
However, there are also some things that are particularly important when banking online.
Top Tips for Safe Online Banking
Use different passwords for different accounts—and change them regularly
We probably all know that we should have different passwords for everything online. However, many of us also can’t keep track of so many different passwords, and it is tempting to use the same one each time.
This is (sort of) fine for your social media accounts. However, it’s really NOT good for your bank accounts. Have a different (unique) password for each account, and different memorable information.
If you really can’t remember them, write down a mnemonic that will only mean anything to you.
Don’t use public wi-fi for online banking
Do not be tempted to do your online banking in the coffee shop. Public wi-fi is not secure. It is far better to wait until you are home—or do it on your mobile, via your bank’s app, where extra protection has been built in.
However, if you are going to use mobile banking, do make some checks. For example, ensure that you have your bank’s official app, and also look for reports such as Which?’s review of online banking services and check out your bank’s services.
If you use mobile banking, it is worth registering for services that will allow you to wipe your phone clean remotely if it is stolen (for example, Google’s Find My Device).
Be careful what you share on social media
It is tempting, when asked for memorable information, to use dates like your wedding, or your spouse’s birthday. However, remember that much of this information is now public via social media. Even your mother’s maiden name may now be public if she is also on social media.
There are two things here: be careful what you share, and pick authentication information that you will NOT make public in any way, especially inadvertently.
Other Financial Services
There is a growing trend towards buying or using other financial services online. These include insurance and investments.
Buying Insurance Online
Insurance has been available online for some years now. Buying online is also usually cheaper than via telephone, and there are now some online-only providers whose prices are extremely low. Comparison websites offer a good way to compare providers and ensure that you are getting a good deal. They also offer security about making payments, especially if you use one of the big sites.
There is more about how you can be confident about making online payments in our page on Online Shopping and Payments.
However, you need to be aware that:
Comparison websites are free to use—which means that you are not the customer. These websites’ customers are the insurance companies. Some work on commission, and others are paid to feature particular providers. You are therefore NEVER going to get a complete picture from any single site. You may find that acceptable, but if you really want to be absolutely confident, use several sites, and also get quotes from some independent providers that do not feature on any comparison sites.
Insurance companies are businesses. It will pay to check the small print. Before you purchase any insurance, via comparison sites or directly, check the terms and conditions carefully to make sure that you can do everything that you will need. Some of the cheapest deals, for example, do not allow you to amend your policy while it is in force without paying an administration fee.
It may be helpful to check out your chosen insurers using independent review sites. A quick search for reviews of your potential insurance provider should identify any major issues about paying out on claims. This is especially important for new providers, or those that are unfamiliar to you.
Ultimately, insurance is always a difficult purchase, because it is what is known as a ‘grudge purchase’. In other words, most of us buy it hoping that we will never have to use it. It is therefore tempting to pay the lowest price and hope for the best.
However, this can backfire if you have to make a claim. A little checking early on goes a long way—and the internet is a very good source of the necessary information.
The internet has had another effect in the financial world: it has brought stock market trading within the reach of anyone with a computer. There are now online tools available to help you manage your own stocks and shares portfolio, and anyone can become their own fund manager. There is plenty of information available, suggesting that the average person could easily make a reasonable return on stocks and shares.
However, in practice, this does not happen. Research shows that individual investors who manage their own portfolios generally do less well than the stock market average. It seems that we tend to sell shares when they fall in value, and are too likely to buy things that are expensive. Professional fund managers do the opposite.
The bottom line is that you can manage your own share portfolio, but paying someone is probably a better move unless you really know what you are doing.
However, many investment managers offer portals that allow customers to invest in particular funds online. This may provide added flexibility in managing your overall portfolio without the risk of investing direct in the stock market. These services, like banking, are regulated. You can therefore be confident that they are secure—but you need to take the same precautions as with online banking.
Staying Safe Is A Partnership Problem
The bottom line about safe banking and other financial services online is that the responsibility is shared. Your financial provider—whether bank, insurer or investment provider—has a legal duty to take certain steps to protect you. However, you also have a responsibility to protect yourself, for example, by keeping your password secure.