The world of business security is a bit like a game of cat and mouse. While organisations and businesses work constantly to deter cyber criminals, those who pose a threat to online security are simultaneously trying to unravel these complex defences. In this way, the challenge is never-ending; no organisation will ever reach a security ‘end-point’ where they become immune to cyber crime, because the technology to challenge these protective measures is always evolving.
Recently, the independent security researcher behind the site Bank Grade Security ranked n26.com positively in a table of world banks, in terms of the security practices that they had looked at. While this is not a definitive measure of our entire process, for us, it’s an encouraging sign.
Keeping customers’ assets safe is our top priority and the least we can do to avoid complacency is to continually challenge ourselves.
Here’s how we do it...
A culture of security
Security awareness is so much a part of the fabric of our workplace, you could say it’s in our DNA. Every product team at N26 has its own security champion to oversee that standards are being upheld day-to-day. To make sure we’re releasing the safest product possible, we test the integrity, availability and confidentiality of all new features and financial services before they’re launched to the public.
But security isn’t limited to just one department - we thread it through every single area of operation in our business. Any new employees joining N26 will find themselves being introduced to security from day 1 as part of the onboarding process, followed by updates via regular company-wide presentations. With relation to two-factor authentication, proper segmentation, least-privilege access control and encryption (to name a few), we align our processes to best practices.
Bug Bounty program
While we don’t play around when it comes to security, that didn’t stop us from gamifying the testing process. N26’s bug bounty program gives the public outside of N26 an opportunity to identify weaknesses in our security systems in exchange for rewards, allowing us to address vulnerabilities before they become a threat.
If you’ve ever been a victim of cyber crime, you’ll know how important it is to take steps against it. Based on consumer research, Norton Cyber Security estimates that around 978 million of us were a victim of cybercrime in 2017. While we work to make our app and services as airtight as possible, there’s also plenty N26 customers can do to protect their account. We previously wrote about how you can spot phishing scams and social engineering techniques designed to trick you and compromise your accounts but here’s a few other tips to keep your information safe:
- Download app updates: Sometimes, updating an app for the latest patch or bug fixes can seem a bit pointless if there’s no visible difference afterwards, but these are there to ensure you have the most recent version of the app to defend against security threats.
- Passwords: Avoid the cliche most common passwords. (Yes, there’s a Wikipedia page dedicated to the subject) Password complexity does help (including a capital letter, a number and a non-character) but your password length is the most important factor. A minimum password length of 10 helps, too. Above all, avoid reusing your password for any other applications or services.
- Set up fingerprint authentication for your login: No two fingerprints are the same, which makes this form of secure login unique to each user.
What to do if you suspect fraud on your N26 account
If you suspect your account has been hacked or you notice unusual activity on your account (such as unauthorized transactions), you should immediately mark your card as stolen inside the N26 app, destroy the old card and reorder a new one. Remember, as a licensed EU bank your money is protected up to €100.000 with us, as outlined in our fraud compensation guide.