08142018Tue
Last updateFri, 10 Aug 2018 3pm

Online banking: security frustrations

There are times an Information Technology support person such as me has the opportunity to see both sides of a disagreement, and sometimes I have to sympathize with both sides and lament that there is no way the needs of both parties can ever be satisfactorily reconciled.  As a professional who has spent years doing computer support work for law offices and financial institutions, I fully understand the need for security, confidentiality, and strict adherence to procedures.  As someone who also works with an older population of computer users I also understand the desirability of avoiding unnecessarily complicated procedures whenever possible.

As banks and credit card companies have come under increasing assault from gangs of organized criminals online, they have wisely instituted policies to protect their clients and thwart attempts at online theft.  These policies are usually well thought out, however; for some customers these security rules and regulations can amount to quite a barrier to be overcome.

My good friend Gordon started experiencing great difficulties doing his online banking.  According to him the bank kept changing his password every day and he had to phone the bank to get a new password; and this was frustrating beyond words.  I see the problem from Gordon’s side, and I am trying to couch this as diplomatically as I can.  He has a problem shared with other octogenarians; he does not see as well, hear as well, type as well, or remember passwords as well as he did, say 50 years ago.  His bank’s requirement that his password be 12 characters long, upper and lower case, and a mix of numbers and letters, and changed daily; well, this was just unbearable.

I joined Gordon in a telephone conference call to his bank during which we spoke first to a lady named Layla, and much to Gordon’s frustration she adamantly refused to talk with me on the line.  This sounded to me like someone following procedure so we asked to speak to her supervisor.  Rolando came on the line and speaking as computer tech to computer tech he explained Gordon’s password did not need to be changed every day, but that he was being locked out for typing in three wrong passwords.

Gordon did not know he could only try three passwords before being locked out, and I understand why.  It would be easy for the bank to have their web site respond “You typed three wrong passwords and are now locked out” but the reason not to do that is that you do not want the crooks to know they can try two passwords today, wait a day then try two more, and so on.

My point here is that while the password and other security requirements for online financial transactions might seem unnecessarily troublesome, it is almost always possible for an informed professional to discern a valid reason for the existence of any rule.  While relaxing any of their security rules is the last thing most banks wish to do, it is true that sometimes there is a way to do so.  One bank (I had to promise never to name which one) will allow account holders to use a short password.  This is decided on a case-by-case basis and approved only by the head of the data processing department.

If you are frustrated by issues related to security and your online banking, my suggestion would be to seek the advice of a professional technician or a trusted friend who is very computer-savvy.  Online banking is an area with a lot of complex rules, all put there for your protection, but rules that can often be coped with through better understanding.

Charles Miller is a freelance computer consultant with more than 20 years IT experience and a Texan with a lifetime love for Mexico.  The opinions expressed are his own.  He may be contacted through his web site at SMAguru.com.

No Comments Available