Random Thoughts

White Falcon Blog

Inspired by a remote Greek villiage from the Kefalonian mountainside, the ISPRATIS White Falcon blog delivers relevant, common sense cyber protection content.

Online Banking: Perilous or Pragmatic?

Online Banking

I recently received a request from a reader of the White Falcon Blog who wanted to know more about online banking.  He comes from a generation that at times can be less tech savvy.  He voiced several concerns about online banking, which in part inspired this article.  If you're looking to build more confidence and a greater sense of security with online banking, this article may help alleviate your concerns.

My Experience

I've banked online for as long as I can remember.  My current primary bank first offered online banking in 1995.  Although I may not remember it today, I can assure you that I would have jumped on the opportunity to use this technology.  If I did, in fact, start to bank online in 1995, that means I've been doing it for about 28 years.

At the time, I would have experienced anxieties many people likely feel today.  My penchant for testing the limits of modern technology would have overcome those anxieties, and I can say with high confidence that in those 28 years I am unaware of any losses or close calls experienced as an early adopter.

Between perilous and pragmatic, the answer for me is easy: it has been a pragmatic, even powerful tool in my lifetime, a tool that has likely saved me time and money.  However, it is fairly clear based on interactions within my social circle, many people are far from comfortable with this technology.

Let's start by introducing some of the basics of online banking, and see if this can help a few of us embrace this technology.

What is Online Banking

Online banking refers to bank services provided by financial institutions over the internet, services that allow customers to access their bank accounts, transfer funds, pay bills, and manage their finances from a computer or mobile device.

There are some great reasons to do your banking online :

  1. Convenient: Online banking allows you to access your account from anywhere, at any time, using a computer, tablet, or smartphone, making it a more convenient option for many people.

  2. Fast and efficient: Online banking can process transactions quickly and efficiently.  Available online functions allow you to check your account balances, transfer funds, pay bills, and manage finances.

  3. Improved record-keeping: Online banking provides easy access to detailed transaction records and statements.  This can make it easier to track spending and manage finances.

  4. Wider range of services: Online banking generally offers a wider range of services than traditional banking, such as the ability to view account balances, transfer funds, pay bills, and manage investment accounts.

  5. Cost-effective: Online banking is often less expensive than traditional banking since it eliminates the need for physical branches, ATMs, and paper-based transactions.

  6. Enhanced security: Online banking typically includes multiple security features, such as encryption and two-factor authentication, to protect personal and financial information.

Overall, online banking provides a more convenient, efficient, and cost-effective solution for many people, offering a wider range of services and enhanced security compared to traditional banking.

The Dangers

However, like any other online service, online banking has security vulnerabilities that can expose customers to financial fraud, identity theft, and other types of cyber attacks. Some of the most common security risks in online banking include phishing scams, unsecured Wi-Fi connections, weak passwords, and malware.

Safe Usage

To ensure safe usage of online banking, it's important to follow some best practices:

  1. Use a secure and updated device: Make sure the device you are using to access your online banking account is secure, kept up to date and protected with updated antivirus software.

  2. Strong passwords: Use strong passwords that are a combination of numbers, letters, and symbols, and change them regularly.

  3. Secure Wi-Fi connection: Use a secure, encrypted Wi-Fi connection when accessing your online banking account, especially when using public Wi-Fi.

  4. Be cautious of phishing scams: Be wary of emails or text messages that ask for personal information or passwords and only access your online banking account from the official website.

  5. Monitor your accounts regularly: Regularly monitor your bank accounts for suspicious activity and report any unauthorized transactions immediately.

By following these best practices, you can reduce the risks associated with online banking and ensure the safety and security of your personal and financial information. 

Prefer to bank the old-fashioned way?

Plainly put, there is no scenario where online banking is entirely risk free.  Similarly, traditional banking also introduces risks:

  • Security: Traditional banking involves carrying cash, checks, or other financial instruments that could be lost or stolen. Robberies or thefts of bank branches or ATMs are also possible, which could result in loss of funds or personal information.

  • Inconvenience: Customers must physically visit a bank branch during operating hours to access their accounts or perform transactions. This can be time-consuming and inconvenient, especially for those who have busy schedules or live far from a bank branch.

  • Limited accessibility: Traditional banking may not be accessible to people who live in remote areas or have mobility issues. Additionally, bank branches may not have the necessary language or cultural services to serve diverse communities.

  • Lack of transparency: Without online banking tools, customers may not have real-time access to their account balances or transaction history, making it difficult to track their financial activities.

  • Limited customer service: Traditional banking may not provide 24/7 customer service support, which could be problematic for customers who need help outside of regular business hours.

For those who are very uncomfortable with the idea of banking online, these "trade offs" may well be worth it.  If you happen to be in this camp, this article likely won't change your mind.  If you're still on the fence, perhaps I can offer a few more tips to get you past your biggest worries.

  • Keep software up to date: Regularly update the operating system and any software you use to access your online banking account.  This ensures a more secure experience, and may improve your overall interaction with the online banking service.

  • Use familiar hardware: Try to stick to personal devices that you are comfortable with, are never shared, and can easily be accessed in a safe place.  This leads to the next tip to:
  • Avoid public computers: Avoid accessing your online banking account on public computers, such as those in libraries or internet cafes.  Public computers should be considered "untrusted" by default.

  • Be careful with personal information: Be careful about the personal information you provide online and only enter it on trusted and secure websites.  How to know when a website is both trusted and secure?  Perhaps an article for another time.  Let me know in the comments if you'd like to know more!

  • Get help: Don't hesitate to seek help from family, friends, or your bank if you have any questions or concerns about online banking.  If you're unable to reach anyone, you can always leave a comment here, or register on White Falcon Blog to reach me directly, I'd be glad to assist you any way I can.  And finally:

  • Use two-factor authentication: A mouthful of a tip, and one that likely requires more explanation.  This is why I left it last.  Where available, enable two-factor authentication for your online banking account. This adds an extra layer of security by requiring a second factor, such as a one-time code sent to your phone, in addition to your password.  In Canada and from what we are able to see, there are 9 Canadian banks who offer a second factor of authentication to their customers:
    • RBC - RBC offers two-factor authentication through their RBC SecureCode service, which sends a one-time password (OTP) to your phone or email.

    • TD Canada Trust - TD offers two-factor authentication through their TD Access Card Security feature, which requires you to enter a security code generated by a device when logging into online banking.

    • Scotiabank - Scotiabank offers two-factor authentication through their ScotiaConnect platform, which requires users to enter a unique security code sent via text or email in addition to their regular login credentials.

    • BMO - BMO offers two-factor authentication through their BMO SecureCode service, which sends a one-time password (OTP) to your phone or email.

    • CIBC - CIBC offers two-factor authentication through their CIBC Online Banking Security Guarantee, which requires users to enter a unique security code sent via text or email in addition to their regular login credentials.

    • National Bank of Canada - National Bank offers two-factor authentication through their National Bank Secure, which requires you to enter a security code generated by a device when logging into online banking.

    • Desjardins - Desjardins offers two-factor authentication through their AccessD service, which requires users to enter a unique security code sent via text or email in addition to their regular login credentials.

    • HSBC Canada - HSBC offers two-factor authentication through their HSBC Secure Key feature, which requires you to enter a security code generated by a device when logging into online banking.

    • Laurentian Bank - Laurentian Bank offers two-factor authentication through their LB Access platform, which requires users to enter a unique security code sent via text or email in addition to their regular login credentials.

Final Thoughts

If you are convinced online banking cannot be trusted under any circumstances, this article will likely have a limited impact.  On the other hand, if you happen to be in the same camp as the White Falcon Blog reader who inspired this article - that is, someone curious enough about the technology to consider a change - I hope this information proves useful enough to carefully adopt the technology.  As always, leave a comment below or reach out to me directly for any questions at This email address is being protected from spambots. You need JavaScript enabled to view it..

The next article planned will focus on that difficult question of "how much cyber security is enough?"  I know this will be a challenge for me to organize the various important concepts that can help answer this question.  Until then, I look forward to hearing from you with feedback about the articles, questions you might have, and any other way I can help you with your cyber security concerns.


First Impressions

It may be premature, but I think this was meant to be.

My cyber security career started in 1997, when I realized that I can build a career in the field of information technology - or "I.T." - and that I can actually specialize in "I.T. security".  The idea that I.T. - which had already become quite a large part of our daily lives - required a set of knowledge and skills that helped people use I.T. safely, allowed me to dream about an exciting new career path.  I grabbed hold of this new found motivation and ran with it; along the way I progressed a formal education in the specialization and continued to pursue professional roles in a quickly growing field.

Fifteen years later, in 2012, I decided to create an incorporated entity and test the professional consulting market.  At this point in my career, I had accumulated five years of private sector experience followed by ten years in the public service.  I was ready to pursue a completely new direction, one that would allow me to think and act freely towards the achievement of my goals, and in particular, some new ideas.

Initially, I created a low-cost, high value cyber protection service whose target market was what I considered at the time to be the most vulnerable parts of our society: small businesses, non-profit institutions, small health care facilities, small law and accounting firms, and even small educational institutions.  I developed a business plan, performed some market research, and developed a small service offering based on my accumulated skills and know-how.

What I discovered on my journey at that time is that the business model I'd chosen could help some people, but the majority of the people I wanted to help were still out of reach.  The model lacked long term viability.  I continued my efforts as a professional consultant, where my knowledge, skill, and experience provided valuable service to large public and private sector entities.

Ten years later, I find myself once again at a cross roads.  At its core, I continue to seek out ways to help more people.  The original mission I'd envisioned when I first incorporated still drives me.  However, I now find myself with what I believe is a real opportunity to actualise that original vision: to provide valuable, common sense cyber security advice, guidance, and protection to the most vulnerable in our society.  The White Falcon Blog is my attempt to realize this idea, that I can reach the people that may need help the most.

The future continues to be uncertain, as it is for all of us.  However, the same instincts that helped guide me in 1997 still exist today.  I intend to produce blog posts on this familiar topic - of cyber security and protection - with my audience in mind.  Topics of discussion will revolve around what I consider to be of interest for my intended audience; however, I look forward to feedback from readers, especially suggestions for content that matters most to you.

Welcome to the White Falcon Blog.  I look forward to the journey with you.

White Falcon