Apr 082013

By Renee D. for SafeBillPay.net

Having the ability to pay bills online has been made life easier for millions of people. While there was some concern initially, online bill pay services have become so popular and commonplace that most people never give any thought to security.

Online security

Online security – how secure is your bill pay account?

Most companies and financial institutions offer state-of-the-art protection for the different types of services offered. Unfortunately, however, there are still a few that depend on older security systems that do little to protect personal and financial information.

For anyone interested in paying bills online, it is important to choose a reputable service but also one with the highest level of security available. The biggest challenge is that most consumers know little about security, which makes it difficult to know which companies and institutions are actually safe opposed to those that pose some degree of risk. Knowing what to look for would make it easier for an individual to choose a service for paying bills online but without worrying about personal or financial information being stolen, shared, or sold.

Security Measures

There are actually several different levels of security available to keep consumer information safe. The following are a few of the most important security measures to look for in any online bill payment service.

o User ID – In addition to setting up an initial user ID, customers of any bill pay service should have the ability to change this identification whenever wanted

o Password – As with the user ID, an individual would choose a unique password that no one else would have but another critical security measure a system that allows a user’s password to be reset. However, not only should the password be something chosen by the customer but validated with unique security questions for which answers would have to be provided.

o Customer Service – Consumers should have the ability to reach a live customer support representative whenever there are questions or concerns about an account or transaction. Therefore, any service being considered for paying bills online should also have support 365-day, 24-hour support.

o Terminology – Another challenge when trying to separate online bill pay services from those that could lead to information being compromised is terminology.

Unless a person has a technical background, it would be difficult to know what security terminology means. Although not every term used should be researched, it would prove beneficial for a person to gain a general understanding of online bill pay terminology.

o Gateway – The gateway is very important for someone who wants to send or receive money online but also pay bills. Although many online bill pay services use only a payment gateway, some of the more reputable sites utilize this gateway in conjunction with the payment handoff option. The three main types of gateways are described below:

o Payment Gateway – With this gateway, messages are sent via an API to authorized networks, which in turn receives an approval or denial response. This particular gateway is deeply embedded within the company or organization’s software, which mandates a diligent PCI certificate but in some instances, certification for PA-DSS as well.

o Virtual Terminal – In this case, a site that offers payment services would be replaced with an actual terminal connected to a workstation used with a swipe device for swiping credit and debit cards.

o Payment Handoff – This is actually a combination of a payment gateway and virtual terminal. For payment approval, only a small portion of the virtual terminal would be required and for payments being captured and authorized, a third-party would be involved. Depending on the setup, paying bills online would be done in real time or scheduled batches.

o Collected Information – The type of information gathered by online bill pay sites varies but in general, this type of service should be most interested in a person’s name, email address, physical mailing address, and phone number. This information would be used for two primary purposes to include processing financial transactions and sending out informative or alert emails. If additional information is requested during the registration process, more research should be performed on that particular company or organization.

o Information Protection – For the personal information that is provided, a secure server is needed. Using SSL (Secure Socket Layer) technology encrypted into the gateway database would make this information accessible only to someone with specific authorization. As a result, any information provided would remain confidential.

o Stored Information – While personal information would be stored on the server, any financial information to include bank account information, credit card numbers, social security number, and so on should never be stored on the online bill pay company or organization’s server.

o Cookies – Most people are aware that cookies are often used by hackers as a means of gaining information about the types of sites visited or transactions completed. Specific to paying bills online, it is common for cookies to be used but only to get a better understand of what customers prefer to the bill pay site. However, if the latest technology is used for security, enabled cookies should not cause a problem.

o Information Sharing –When first registering with an online bill pay services, it is common for an “opt-in” box to appear. There would be a brief description of what happens if checked, which is critical. If not careful, a person could accidentally choose to opt-in, which means to give that company or organization permission to sell or share personal information. Sometimes, the Terms and Conditions will also provide key insight into whether the bill pay service offers customer information to third-parties. Obviously, information should never be sent, shared, or sold to anyone.

o Redirects – The last thing we wanted to mention about security for online bill pay sites has to do with redirects to third-parties. Although third-party references or even affiliate links might be provided on a bill pay website, at no time should there be an automatic redirect. Only consumers should have the authority to visit another site, which adds to security when paying bills online.

%d bloggers like this: