If you aren't concerned about how secure your bank website is, you should be.

Of course the weakest link in most banking systems is you their customer.

Here is eight ways you can check out your banks online security yourself courtesy of a study conducted at the University of Michigan by Atul Prakash, a professor in the department of electrical engineering and computer science, and two doctoral students, Laura Falk and Kevin Borders:

1. All the pages of the bank's Website must use SSL (Secure Sockets Layer) and TLS encryption technologies. In the Internet Explorer Web browser, a small, yellow padlock icon appears at the bottom of the page when such encryption is available. It prevents hackers from tapping into the exchange of information between the user's computer and the bank's servers and routers.
2. Users should not use their computer keyboard to type in passwords. Many computers are infected with keyloggers: small software applications that monitor the user's typing and pass on the information to networks of criminals. Instead, the bank should provide a "virtual keyboard" (a tiny on-screen graphic that looks like a keyboard). Users can then click their mouse and press the various "keys" of the virtual keyboard to form the password.
3. The banking Website should not re-direct the user to other domains or sites (which potentially are not as secure).
4. The bank should insist on strong passwords: minimum five characters, allowing combinations of numerals and letters, including capitalized ones.
5. The bank should never send any information pertaining to the account - especially not passwords - via e-mail.
6. The bank should insist on "two-factor authentication". The user would need a username and password to access the Website. But, to transact in the account, he would make use of one time "tokens" (codes). Each user should be equipped with printed lists of such codes or with a special device that generates them. They can also receive the codes via SMS. The codes are used to transfer money, change the password, change the limit of withdrawal, give instructions regarding securities and deposits, etc.
   

As I mentioned above your computer will generally be the weak link in any transaction over the Internet and that's why I developed SpyCop Cloak.

SpyCop Cloak is what we refer to as an “Internal System Firewall” for your computer. 

Similar to how firewalls work by “allowing” or “denying” certain traffic on/off your computer across the network, we have achieved this level of security for your host computer. 

SpyCop Cloak is able to detect any program on a user’s computer that attempts to:

• Capture
  keystrokes from the keyboard,·    Capture images from the desktop or active windows,
• Monitor or retrieve data from the clipboard,
• Access data or images in a window,
• Hook applications to retrieve data (i.e. hooking into MSN to steal conversations)
• Install global hooks,
• Use FindWindow, EnumWindows, EnumProcesses to try to grab window captions or textbox data,
• Gain a handle to the foreground window.
  

When these actions are detected, SpyCop Cloak locks the computer preventing further action until the user either “allows”, “denies”, “allows always” or “deny always”. 

By doing so, SpyCop Cloak plays the role of a gatekeeper (at a low driver level) and provides the user the power to “hide” personal data (usernames, passwords, chats, pin numbers, account numbers, documents, etc.) from spying and malicious software that may be resident on their machine.

 SpyCop does not attempt to detect, clean, delete or remove any malicious software on a user’s computer; it simply provides users with the tools to prevent such malware from ever running on their computers altogether.