America’s Safest Online Banks: How 20 New England Banks Stack Up
In some ways, prudence has paid off for the American public. By avoiding online banking, for example, Americans stayed out of the international Icesave crisis of 2008, where Dutch and British depositors lost 7 billion euros in online accounts based in Iceland.
Clients derive a sense of security from accessing the place their money is physically kept, but there is actually no longer a need to be wary of online accounts. It’s not 2008. Today, online banking is as secure as visiting your local branch.
In the United States, the FDIC guarantees funds in online accounts up to $250,000 (just like traditional accounts). Banks’ growing awareness of cybercrime has also generated an impressive list of best security practices to protect online accounts from hackers.
Nowadays, if there is a security breach in online banking, it is usually on the client’s side. If the client’s device is infected with a virus that crawls messages and emails or redirects the user from popular bank web addresses to malicious clone sites, hackers can gain access to client passwords.
Take advantage of the convenience of online banking, while also protecting your account from hackers, by keeping your devices virus-free and using one of the twenty banks below that implement best online security practices.
We reviewed and ranked a cross-section of New England banks based on their emphasis on the following best online security practices:
- Secure login: Because hackers are more likely to target weak security on the client’s device than to target a bank directly, a complex login prevents hackers from easily accessing an account with stolen login information. Difficult security questions, verification images, and complex passwords increase account security.
- Mutual authentication: Mutual authentication, a process that requires that the bank server verify its identity to the client simultaneously with login, prevents malware from obtaining the client’s username and password by imitating the bank website.
- Firewalls: Programs that separate mass internet traffic from authorized bank transmissions are key to protecting the bank from cyber attacks on its side. Effective firewalls keep unauthorized data out of the bank’s network.
- End-to-end encryption: Encryption, the practice of scrambling data sent over the internet to avoid interception, is an indispensable online security tool. It is one of the basic practices of online banking and every bank uses some form of encryption to transfer data discreetly. To check if a site uses encryption, look for the “https://” web address prefix and the green toolbar denoting the site has passed an external security audit.
- Session time-out: To prevent a third party from taking advantage of a client who forgets to log out, sessions should time out after 20 minutes or less. Banks should not allow automatic login, particularly on portable devices that could easily be stolen.
- Account monitoring: Banks that track client behavior can detect uncharacteristic spending and, therefore, block unauthorized transactions as they happen.
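The session time-out rule from the list above can be enforced on the server roughly as follows. This is an added example, not code from any bank reviewed here; `SessionStore`, its method names and the `demo` scenario are hypothetical, and credential checking is assumed to happen before `login` is called.

```python
import secrets
import time

IDLE_LIMIT_SECONDS = 20 * 60  # the ceiling named in the list: 20 minutes or less


class SessionStore:
    """Server-side sessions with an idle time-out and no automatic login."""

    def __init__(self, idle_limit=IDLE_LIMIT_SECONDS, clock=time.monotonic):
        if idle_limit > IDLE_LIMIT_SECONDS:
            raise ValueError("idle limit must not exceed 20 minutes")
        self._idle_limit = idle_limit
        self._clock = clock          # injectable so the time-out can be tested
        self._sessions = {}          # token -> (user, time of last activity)

    def login(self, user):
        """Call only after credentials were verified; returns a fresh random token."""
        token = secrets.token_urlsafe(32)
        self._sessions[token] = (user, self._clock())
        return token

    def authenticate(self, token):
        """Return the user for a live session, or None if a new login is required."""
        entry = self._sessions.get(token)
        if entry is None:
            return None
        user, last_activity = entry
        now = self._clock()
        if now - last_activity >= self._idle_limit:
            # Expired: delete the server-side state so the token cannot be revived.
            del self._sessions[token]
            return None
        self._sessions[token] = (user, now)  # activity restarts the idle window
        return user

    def logout(self, token):
        self._sessions.pop(token, None)


def demo():
    """Constructed scenario on a fake clock: active use, 20 idle minutes, retry."""
    now = [0.0]
    store = SessionStore(clock=lambda: now[0])
    token = store.login("alice")     # constructed user name
    now[0] += 19 * 60
    active = store.authenticate(token)   # still inside the idle window
    now[0] += 20 * 60
    expired = store.authenticate(token)  # idle for 20 minutes: rejected
    now[0] += 1
    retry = store.authenticate(token)    # stays rejected until a new login
    return active, expired, retry
```

Because the expired token is deleted rather than refreshed, a stolen or forgotten device cannot resume the session; the client has to log in again.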
We focused disproportionately on local banks for two reasons. First, big banks necessarily implement strict online security practices already. Second, hackers target big banks with malware schemes that, for example, redirect traffic on infected computers from the bank’s web address to a malicious clone. It is sometimes safer, then, to use a small online bank that is not an easy target for hackers.
The following banks were chosen for a combination of online security and overall quality according to customer reviews. Of course, a good reputation was not enough to claim a spot on our list. We excluded several well-regarded New England banks because of security issues including lack of an Extended Validation certificate for the bank’s domain.
The 20 Best Online Banks in New England
1. Ally Bank: Vermont’s Ally Bank implements a comprehensive online security system that includes secure login (two step), SSL 128-bit encryption, firewalls and anti-malware software to protect the bank’s network, and account monitoring (i.e. the system flags unusual account activity). It also offers Webroot SecureAnywhere software free to all customers. SecureAnywhere protects client devices from cyber attacks. Ally Bank security professionals also routinely monitor app stores for malicious clones of the Ally Bank app.
2. TD Bank: TD Bank utilizes multiple layers of online security in its mobile banking program. The bank’s secure login includes behavioral analysis of when, how, and from where the client logs into their online account. Its firewalls include an Intrusion Detection System to identify security breaches. TD Bank Online Banking uses 128-bit encryption and Verisign experts provide mutual authentication. In addition, third-party security consultants periodically evaluate TD’s security measures.
3. People’s United Bank: People’s United Mobile Banking implements layered security measures that include 128-bit SSL strong encryption, secure login using either a PIN or password, and mutual authentication. A client must personally enroll all his or her devices in the mobile banking program to access his or her online account from that device.
4. Webster Bank: WebsterOnline Banking’s basic security features include secure login with a verification image to protect against malicious clone sites, firewalls, and the “highest level” of encryption. Clients may also register their devices with WebsterOnline Banking to enable mutual authentication, which increases online banking security significantly. Mutual authentication is, however, optional.
5. Rockland Trust: Rockland Trust Online Banking utilizes layered security measures, in accordance with best online security practices. The bank assigns new clients a one-time Secure Access code, preventing third party coopting right off the bat. The online bank also utilizes cookies to authorize client devices and 128-bit RC encryption to transmit requests.
6. First Niagara: First Niagara implements layered security measures that include 128-bit SSL encryption and secure login that includes security questions and a verification image. First Niagara also protects account information from hackers that make it through their multilayered online security by omitting bank account numbers from their online system, using nicknames to identify accounts instead.
7. Bangor Savings Bank: Bangor Savings Bank protects its network with firewalls, Intrusion Detection Systems, and anti-malware software. It also encrypts all lines of online communication between the bank and its clients, including email. Bangor Savings Bank also encourages clients to download Trusteer Rapport – security software that protects against attacks on client devices.
8. Citibank: Citibank employs 128-bit encryption for all interactions, additional authentication for sensitive requests like money transfers, a system of firewalls, account monitoring, and a date/time stamp that lets clients view the last time they, or anyone else, logged in to their online account. As a big bank, Citibank is a popular target for hackers. Online security is, therefore, a priority for Citibank.
9. Norway Savings Bank: Adhering to the “highest level of security available in the industry,” Norway Savings Bank Mobile Solutions uses secure login (including periodic security questions), 128-bit encryption, and account monitoring to protect the bank and its clients. The bank’s security system protects, especially, against attacks coming from international sources.
10. Key Bank: Key Bank uses secure login, firewalls, cookies, and the latest encryption technology to protect its clients from cyber attack and identity theft. The bank also employs accessible security professionals and encourages clients to liaise with these professionals if they have security questions or concerns.
11. Merchant’s Bank: Merchant’s Bank protects online accounts with SSL 128-bit encryption. The bank uses a double firewall to protect its network. Merchant’s Bank offers Trusteer Rapport – security software that protects against attacks on client devices – free to all its customers. It also includes helpful instructions on downloading and using the security software on PC and Mac, although the bank does not provide instructions on how to use the program on iOS and Android.
12. Citizens Bank: Citizens Bank uses secure login, firewalls, and encryption to protect its clients from cyber attack and identity theft. The bank also encourages clients to download Trusteer Rapport – security software that protects against attacks on client devices. Rapport addresses the weakest link in online banking security – vulnerable client devices. The program is available free to all Citizens Bank customers.
13. BankNewport: By searching through the fine print in BankNewport’s Access Agreement, we discovered that the bank employs 128-bit SSL encryption, risk-based managing tools, and mutual authentication to protect clients. It also uses out-of-band confirmation codes (i.e. the bank sends the confirmation code over a secondary client device) and account monitoring.
14. St. Mary’s Bank: St. Mary’s Bank uses, as all good online banks do, multiple layers of security. First, a secure login includes three levels of authentication: a login username and password, a verification image, and several security questions that pop up when the client uses a new device or makes an uncharacteristic request. St. Mary’s also uses 128-bit encryption and requires that all clients use a browser that supports encryption.
15. Eastern Bank: With Eastern HomeConnect, the bank’s online service, clients can pay bills, view 13 months of account history, and schedule bank transfers over an encrypted line. Eastern Bank also encourages clients to download Trusteer Rapport – security software that protects against attacks on client devices. Eastern Bank offers the program free to all its customers.
16. Enterprise Bank: As is standard, Enterprise Bank conducts all online banking communications using 128-bit encryption. Multifactor authentication and cookies prevent third parties from accessing your account remotely. Enterprise also provides downloads of Trusteer Rapport – security software that protects against malware attacks on client devices – to all clients free of charge.
17. Union Bank: Union Bank’s layered approach to online security includes secure login (two step, with security questions), 128-bit SSL encryption, and a bank network “anchored by industry standard security features” including, presumably, firewalls.
18. Northway Bank: Northway Bank uses 128-bit encryption and requires that all clients use a browser that supports that level of encryption. The bank also uses a PIN lockout system to protect clients from cyber attacks. It encourages clients to report persistent requests for account information from third parties to the Customer Support Center.
19. Chase: Because Chase is one of America’s largest banks, you can rest assured that its security system has evolved with the numerous cyber attacks hackers have made against it. The bank uses firewalls, temporary PINs, and encryption to protect itself and its customers. The risk to banking online with a big bank is, of course, that well-known banks are more likely to be the objects of malicious schemes and cons.
20. Bank of America: As at other big banks, Bank of America’s security system has evolved with the high-profile cyber attacks made against it. The bank uses secure login and encryption to protect itself and its customers. The risk to banking online with a big bank is, of course, that well-known banks are more likely to be the objects of malicious schemes and cons.