How to Protect Your Customers’ Financial Information

Your customers put their money in your hands, and often their bank accounts. They also routinely give you sensitive information like their Social Security number and driver’s license. All of this information equals a lot of trust. And with great trust comes great responsibility…or something like that. But it definitely means that we need to step up our game and make sure all their information is secure.

Secure Data is Happy Data

So how can we make sure that we take care of our customers’ data? And how can your institution become a mini Fort Knox? Read on and we’ll cover seven different ways you can make sure your institution is secure and your customers’ data is protected.

1. Strong Passwords Required

Sometimes we need to step in and help customers protect their own data. By requiring your customers to create strong online passwords, you help keep them safe. Strong passwords are typically over eight characters in length, include both uppercase and lowercase letters, including at least one number, and include a symbol (e.g., &, %, #). You can also encourage your customers to make their passwords on your site unique instead of re-using one of their other passwords.

2. Security Questions

With the dozens of passwords, we all have these days, we are bound to forget one every once in a while (unless you use a password manager, which I highly recommend). In case your customers are as forgetful as the rest of us, they will need a secure way to recover their password and access their account. Enter security questions. Security questions ask for specific information from your customers that, hopefully, only they know. Standard questions are usually along the lines of “where were you born,” or “what was the name of your first pet,” or “where did you meet your spouse.” But you can also allow your customers to create their own custom security questions to provide even more security. Custom questions can be as unique as your customers and even harder for imposters to answer correctly. It’s one more level of security you can offer your customers.

3. Alerts

Occasionally, I get an email telling me that someone has logged into my account from an unknown device. Typically, the person who has logged into the account is me, so I glance at the email quickly before getting rid of it. But I am so glad to get the emails. It lets me know that my account is being taken care of. Your customers want that same sense of security, so you should give it to them. Allow your customers to be able to sign up for alerts when someone logs into their account, when a payment is made, if their user is restricted due to too many invalid login attempts, etc. These alerts not only provide your customers with a sense of safety, but they also enable them to help protect their accounts and contact your institution if something isn’t right. It’s what we in the industry call a win-win (and by “we in the industry,” I mean everyone).

4. Automatic Timeouts

5, 4, 3, 2, 1 and you’re out! Don’t worry, I’m not going to tell you to put your customers in timeout. I’m talking about automatically logging them out of their account after so many minutes of inactivity. This is especially helpful if a customer accesses their account on a public computer. Automatic timeouts help keep others from accessing accounts that were accidentally left open. And it’s something you should have set up for your institution’s online accounts.

5. Encryption

The online accounts of your customers must send and receive information from your institution, the customer’s banking institution, and often other third parties. There is a ton of sensitive data running around out there in the ether. And this is where encryption comes into play. Encryption allows us to convert information into a secret code that can only be read by those with the correct cipher. This allows you to keep your customer’s information secure and it means that encryption is a big deal. Make sure that your encryption is top-notch.

6. Internal and External Audits

Remember back in school when you turned in that paper that you had worked so hard on and thought was flawless, only to receive it back from your teacher a few days later with red ink all over the place? (Maybe that was just me.) Regardless, all I’m saying is that sometimes you need someone else to go over your work. Regular internal audits are a must and help your team stay up to date on security policies, procedures, and best practices. But sometimes you need an outsider to come in and put red ink all over the place (metaphorically speaking). External audits are great to spot weaknesses that you might overlook. They help you strengthen the security of your entire system and get rid of all those red marks that you didn’t even know you had.

7. Compliance

When you handle financial data, there are a lot of regulations that you need to stay in compliance with. And these regulations help your institution stay even more secure. They are like a nice older brother pointing out the potential pitfalls of your new school. For example, maintaining PCI compliance confirms that your institution is following the Payment Card Industry Data Security Standards designed to ensure that companies who handle credit card information maintain a secure environment. Meanwhile, maintaining System and Organization Controls (SOC) compliance helps your institution maintain security, availability, processing integrity, confidentiality, privacy, and financial integrity. Maintaining compliance is one more way you can offer your customers the security they need.

GOLDAccount Center: It’s Secure

I know that all of this might sound like a lot. But not to worry, we can help. Our GOLDAccount Center is a secure system that makes it easy for your customers to apply for and manage loans online. We take care of all the security so that you can relax. To learn more about the features offered in GOLDAccount