Don’t Skip These Security Features When Shopping Around for a New Bank Account

Though the Federal Deposit Insurance Corp. protects your money in the event of a bank failure, it’s up to you – and your bank – to fend off malicious hackers who are after your personal and banking information. 

The number of financial data breaches happening each year is alarming. Last year, the finance and insurance sector experienced leaks of more than 254 million records across 566 data breaches, according to data from Flashpoint, a security and risk intelligence firm. 

While the banking industry is highly regulated and secure, users also have to take steps to ensure their information remains safe, said Bogdan Botezatu, director of threat research and reporting at cybersecurity firm Bitdefender. “The user’s habits and technology vulnerabilities sometimes tilt the balance in favor of cybercriminals.”

Savings and CD rates are changing rapidly across banks and accounts. Experts recommend comparing rates before opening an account to get the best APY possible. Enter your information below to get CNET’s partners’ best rate for your area.

Sometimes hackers are after common personal data like your name and email address, while others manage to steal more-sensitive information. The hackers behind an attack that targeted Flagstar Bank managed to make off with more than 1.5 million Social Security numbers. With the right combination of data, thieves may be able to take out loans in your name, make purchases and even transfer your money to themselves. 

And how criminals steal your private information is rapidly changing, too. “They have diversified their approaches in the past decade – from traditional phishing to malicious mobile apps targeting e-banking applications on the same device,” said Botezatu. 

Hackers may be changing the way they steal your data and money, but there are steps you can take to safeguard yourself. Read on to learn about the latest security features banks offer and to check out other online safety tips you should implement everywhere else. 

Banking security features to look for

1. Multifactor authentication

If a data breach occurs, a hacker might gain access to your bank account login information, like your password and username. But multifactor authentication makes it much harder to access your account because there’s another layer to logging in that thieves can’t easily control.

Multifactor authentication requires two or more credentials to verify your identity. That might mean logging in to your bank account with your login and password and then confirming with a code that’s texted to your phone. Though it might seem like a hassle to add this extra layer to the sign-in process, this second layer of verification can help keep hackers from getting into your bank account portal.

2. Account monitoring services

It’s important to regularly review your account statement because waiting until the end of the month may be way too late to spot a hacker. With that in mind, ask your bank if it offers instant banking notifications to let you know when your money is moved. This way, if you spot suspicious activity, you can act fast.

“We encourage users to enable transaction notifications in real time,” said Botezatu. “Whenever transactions are made, account or credit card owners should get an instant notification about it.”

Most banking apps also let you block and report specific transactions, such as online payments or cash withdrawals at the ATM. To safeguard your finances, you can block all online payments and then turn this option back on when you need to allow them, said Botezatu. 

3. One-time, disposable payment options

It’s important to look for enhanced solutions for your savings and checking accounts. For instance, some banks can generate disposable debit cards for one-time payments,” said Botezatu. Because even if the virtual card is compromised, it can’t be reused.

Most big banks, however, don’t offer access to virtual debit cards. Still, it may be worth checking with your bank if you often use your debit card online.  

4. Automatic logoff

Automatic sign-outs are simple yet crucial. Make sure your bank’s website or app will automatically log you out after a specified period of inactivity. You’ll also want to make sure your software and bank apps are up to date, to have the latest security features. 

5. Secure messaging

Ask your bank how it secures messages sent to users via mobile app or website. Some banks require you to log in to read sensitive communications, to better protect your personal and financial data. 

Ways to protect your personal and banking data

Your bank’s features are important, but you yourself play an essential role in keeping your data and money safe. Here’s what you can do to keep hackers at bay:

1. Turn on your multifactor authentication 

This bears repeating: Your multifactor authentication works only if you turn it on. Sure, adding one more hurdle to the login process might occasionally add four seconds to your timeline, but that’s a minor inconvenience compared with the massive headache you might face if someone managed to steal your credentials.

2. Create a strong and unique password

No, “1234” doesn’t fit the “strong and unique” description. Strong passwords include a mix of upper- and lowercase letters, along with numbers and special characters. And the unique piece is especially important here. For example, if you’re using the same password on an e-commerce site with fewer protections than your bank login, you’re making it a little easier for a hacker to gain access to your bank account. So it’s best to make sure your passwords are unique for each financial account. 

Also, if your password is compromised in a data breach and its identical to your bank account password, change it right away.

3. Don’t use open, public Wi-Fi networks

Free Wi-Fi comes with a cost: the heightened risk of your information being shared with the wrong person or a thief. If you’re using public Wi-Fi, you’re better off waiting to log in to your bank account (or any account, for that matter) until you’re using a password-protected private network. Alternatively, you could use your phone’s personal hotspot to bank more securely when out and about. 

4. Watch out for phishing scams 

If you receive an unfamiliar email or a text message that invites you to click on a link, don’t click. Instead, mark that note as spam and move on. These messages are part of “phishing” attacks, and if you click the link, a hacker may be able to install malware on your device to get your banking information, passwords and more. These scams are pretty successful, too. According to the FBI, over 300,000 Americans lost more than $52 million combined to phishing attacks.

Said Botezatu: “According to Bitdefender data, financial information is the most targeted – one in four phishing messages attempts to harvest financial data such as credit card information or credentials for fintech apps.”

Hackers are getting more sophisticated too, and they may use bank logos or other branding to make an email or other message look similar to your bank’s normal communications. So be wary and always check the sender’s information. And only download apps directly from your bank’s website. 

Are online banks more secure than brick-and-mortar banks?

There are plenty of differences between online banks and traditional banks with physical branches. Security, however, is one area where they’re basically identical. Both online banks and brick-and-mortar banks offer FDIC insurance, and both invest in technologies to safeguard their online banking data from hackers.

When banking in person, though, it’s important to never leave behind a paper trail. Shred any documents, like bank statements, receipts or checks, as soon as you’re done with them, to prevent someone from accessing your account information.

How to safely open a savings account online

Before you go through the process of trying to open a new savings account online,  do your research to see if the bank offers all the safety features you’re looking for, such as multifactor authentication and secure messaging. Most banks will proudly display a rundown of all their security features on their website (here’s an example from Ally). If you don’t see a feature, reach out to customer service before opening an account. 

Then, when you’re ready to transmit all your details, make sure you do so from a private and secure connection -- ideally, an unshared network at your home.