Regulation of Internet Banking

Two Factor Authentication

• As of 2006, federal regulators began requiring banks to use two-factor authentication with their online accounts. Two factor authentication requires an initial log in, with a username and a password, as well as an additional step, such as the answering of a personal question. This is not a foolproof means of preventing unauthorized access to an account, but it is a step beyond the simple log in and password that many banks were previously using.

Reputable Banks

• As more people have become used to the idea of online banking, many Internet only banks have begun to appear. Many offer higher interest rates on accounts than conventional banks and other benefits to lure away consumers. The risk is that some of these banks may not be trustworthy. In response, the FDIC has created a website called Bank Find which allows users to look up any bank and see if it is reputably insured.

Phishing

• A problem in online banking is the increasing occurrence of what is known as "phishing." This involves the creation of an email or a fake website which pretends to be from a reputable bank, and lures web users into giving away their private information. The same laws that apply to more traditional financial fraud also apply to "phishing." The federal government has begun to step up its enforcement efforts in online fraud.

Future Regulation

• As Internet banking continues to evolve and as more consumers begin to depend on it, new regulation will likely be necessary. Many have proposed requiring banks to impose even stricter authentication methods on users in order to access an account. Possible methods that banks could be legally required to impose include the use of changing passwords and computer encryption software. It is likely as technology improves that better methods for security will be devised.