5. Security: Online banking

To log in to a bank account takes a number of steps.

a) Username - password, memorable word

First of all you will have been given an username and password by the bank. You will also have to define a 'memorable word' at some point.

At the login screen you usually enter the username / password by using the keyboard. Sometimes an on-screen 'virtual keyboard' is offered that you click with your mouse.

One weakness of using the keyboard is that your computer might have been infected with a piece of malware called a 'keylogger' that can intercept keystrokes and send them over the internet to a remote server, it may also begin to screen-capture. A virtual keyboard bypasses this because you are not pressing any keys or revealing anything on-screen.

b) Once past the username / password screen, the system will usually ask you about which letters are located within your memorable word. For example "type in the 3rd letter. type in the 5th letter, type in the 9th letter". Again, this is to foil a key logger since the questions will differ every time you log in and the full memorable word is never revealed.

Once past these steps, the system will log you in. It will also tell you the last time you logged in. It is worth noting this to confirm in your head that you did indeed log in around that time.

b) Two factor security

This is becoming more widely used as well. Namely you are given your own card reader by the bank. When you want to log in, you insert your card into the reader and enter your PIN. If it is correct you are given a long number on the screen.

You enter this number as part of the login process.

Even when you are in to the account, if you want to move money or make a payment, it will ask you to once more to use the device to obtain the authority number for the payment.

All this effort is to make online banking safer.