Many or all of the products featured here are from our partners who compensate us. This influences which products we write about and where and how the product appears on a page. However, this does not influence our evaluations. Our opinions are our own. Here is a list of our partners and here's how we make money.
With online banking — that is, managing your bank accounts through the bank or credit union’s website or mobile app — you can monitor your balances to avoid fees, deposit checks, and send money to friends and family. Plus, you can maximize the interest you earn by using online-only banks, which feature the best rates. But a recent NerdWallet survey revealed that many banking customers are concerned about mobile app security.
Fortunately, you don’t have to trade convenience for security. Banking online is safe when secure bank technology on the back end is met with alert consumers on the front end. As an account holder, you have a role in making sure your accounts are protected.
On the back end, banks and credit unions employ policies to keep online customer accounts secure. Standard measures include using anti-virus protection and firewalls on bank computers, fraud monitoring, and website encryption, which scrambles data so only the intended recipient can read it. If you bank online, chances are your financial institution uses these security measures.
Here are steps you can take on the front end as a consumer to make sure your account is as protected as possible when banking online.
» Looking for safe online accounts? Explore NerdWallet's list of best online checking accounts
Ways to improve your online banking security and protect yourself
1. Choose an institution that uses industry-standard security. You probably already want a bank or credit union that offers accounts with low fees and high interest rates. Add “top-notch security” to your checklist. Then, make sure your online accounts are backed by robust technology, like the measures mentioned above: firewalls, fraud monitoring and website encryption. Security features might be outlined on the bank's website or fine print. If you're having trouble finding that information, reach out directly to the bank.
2. Use multifactor authentication. Here’s how MFA works: When logging in, instead of just asking for a username and password, the financial institution requires you to provide another piece of information, or factor, to verify yourself. It could be a unique passcode sent to your smartphone as a text message, or even your own fingerprint. The point is, it’s another layer — one not as easy to steal as a password.
Many of the larger online banks — and traditional institutions with online accounts — adhere to these standards, so it should be easy to find a bank or credit union that fits the bill.
» Want to compare the top options? See our list of the best online banks
3. Skip public Wi-Fi for private banking. With a public network, you can’t be totally sure who sees what you send online, unless each page you visit is encrypted. The security of your private home network is ideal. If you have to log in while away from home, consider using your cellular data plan instead of Wi-Fi, or a virtual private network, known as a VPN. However you choose to log in, check for webpage encryption by making sure the address on the browser starts with "https" — the "s" signals that the page is secure.
4. Keep anti-virus software current. Make sure yours is up to date on your home computers and mobile devices.
5. Use long and complex passwords. Use combinations that are difficult to guess, such as a mix of uppercase and lowercase letters, numbers and symbols. Government websites generally require a minimum of anywhere from 12 to 16 characters for passwords, for example. But the longer and more complex your password is, the harder it will be to crack and the more likely it will be to provide protection against hackers. Consider using a password manager, which can be a helpful tool for generating and storing unique, complex passwords that are hard to crack.
6. Set up text alerts. Many institutions let customers choose to receive alerts by text or email whenever large transactions are made on their accounts or if the balance drops to a certain amount. If they see a purchase or transfer they didn’t make, customers can protect their account against further fraudulent activity by reaching out to the bank immediately. Customers have up to 60 days from the date on their bank statement to dispute any unauthorized charges on it.
» Concerned your account has been breached? Act fast to minimize the damage
Is online banking safe enough?
Online banking should be safe, as long as you take steps to protect your accounts and make sure your bank uses industry-standard security technology.
You can also keep your money safe by watching out for banking scams. For example, fraudsters often use so-called phishing scams, in which they send out emails or text messages pretending to represent a financial institution in the hopes of hooking an unsuspecting consumer.
The message might suggest there’s a problem with your account and ask for your bank password or Social Security number. Or it might say you won $100 million, but your account information is needed to wire the funds. If you reply, the criminal could use the information to illegally make purchases or withdraw money from your account. Don’t respond to emails or click on any links that are too good — or bad — to be true.
» Read more about common banking scams and what you can do to avoid them