Account security alerts are important for informing users when unusual activity takes place on their account. Ideally, banks implement real-time measures, and allow the customer to designate their preferences for what they can, cannot, and should not do on their online banking profile. Pre-emptive measures remove much of the time and frustrations in attempts to resolve an account issue after fraud takes place. While all firms offer some level of security, the transparency, flexibility and degree to which firms mitigate potential damage while enabling a painless online session varies. With the increasing linkage of account information, numbers and use with outside platforms for everything from aggregation, to payments, to replicated online banking features (Mint bills), perhaps more than you know is actually in your wallet.
This report tests the recurring and randomized measures detected through a private site journey to change some standard features, such as an account address, and new contacts for transfers from some of the faster services, such as person-to-person payments. The necessity of security measures varies based on what a person can view and modify from online banking. For example, account routing numbers are publically available, but a Social Security Number is not—how do firms manage access to vital pieces of an account holder’s identity, or specific information for their account, without making the online banking experience cumbersome? To accommodate users’ changing security when accessing an account from a trusted laptop at home, or using Wi-Fi in a public location, firms should be flexible for users to upgrade, or slightly downgrade security from login to trusted recipients for their account, limiting unnecessary information accessible on the private site.