Security concerns are a major reason why businesses are put off virtual banking. There is often a perception that using the internet as the primary way to conduct financial transactions is riskier than the more established approaches and networks used by traditional banks.
But this perception is inaccurate. Security is central to what virtual banks do, both in terms of the infrastructure and technology they use, but also in more practical ways.
Most virtual banks are members of various financial services and payments regulatory organisations and subscribe to the rules and regulations these put in place.
For instance, a virtual bank that holds a PCI DSS Level One certificate will ensure that the card details of clients are handled according to the highest security standards. PCI-DSS helps protect the safety of cardholder data stored, processed or transmitted by financial institutions (as well as merchants).
Other compliance standards that demonstrate the ability of virtual banks to keep payments secure include SEPA and SWIFT.
SEPA provides a single system for both domestic and cross-border bank transfers, ensuring cheaper, faster and safer cross-border payments. Virtual bank accounts equipped with an IBAN, the standard for European bank account numbers and one of the cornerstones of SEPA, strengthens the security of international payments.
SWIFT membership is another stamp of approval, with members having the capability to send wire transfers using a SWIFT code, an international bank code that identifies particular banks worldwide. This enables customers to receive payments to their personal account using their SWIFT code as a personal identifier.
Membership of major card schemes is another indication of good security, as it demonstrates that virtual banks are trusted by these brands and making use of existing trusted infrastructure.
These certifications and memberships show that virtual banks are in line with national and international regulations and take the security of financial transactions seriously.
Virtual banking also increases security in more practical ways. For instance, the approach promotes a cashless way of doing businesses. This means less physical cash needs to be handled and kept safe. All money that goes in and out of the business can be kept track of more easily than with cash and as a result, is much harder to misplace.
In addition, virtual banks are generally less paper-based than traditional banks, which makes it harder for opportunistic criminals to get hold of personal and financial information.
Of course, there are also steps users can make to make their accounts more secure – as with any service accessed via the internet.
For example, passwords for virtual bank accounts should be sufficiently long and contain upper- and lower-case letters, numbers and symbols. Users should also ensure they don’t use the same password for other services and systems and set a password validity period, to ensure it is regularly changed.
As with any IT system, antivirus software should be in place to detect any virus or malware that might attempt to access data. Users should also avoid public Wi-Fi access points, which often aren’t as well secured as home or office networks.
Users should also think about enabling two-factor authentication on their account, which requires a password as well as a one-time code sent to a mobile device. IP address restrictions, which mean the account can only be accessed by certain IT addresses or those located in certain countries, can also bolster security.
Virtual banks have to adhere to the same security standards as traditional banks, and are trusted to make use of well-established and secure payment channels such as SWIFT and those provided by card schemes.
Because virtual banks operate online, more care needs to be taken around internet and password security. But if these steps are followed, there is no reason why virtual banking should be any less secure than traditional banks - and in some respects, it is even more secure.