First Interstate – Mobile Banking Security Using SMS

First Interstate Bank Branch LocatorFirst Interstate Bank, a regional bank with 50 locations and 100 ATMs in Montana and Wyoming, has launched a mobile banking site at The bank is doing a good job of promoting the site with a prominent ad on their web home page and an extensive video tutorial.

Themobile  site has ATM and branch lookups which do not require a login to use and include maps, driving directions and, for the branches, hours and click to call phone numbers.

First Interstate customers who have registered for mobile banking have access to most of the usual online banking features; viewing balances, lists of transactions and pending activity, details of individual transactions and transferring funds between accounts.  About the only thing you can’t do is pay bills.

Mobile banking tends to be overly complicated due to security concerns. First Interstate is using an approach I haven’t seen before that seems relatively user friendly and very secure.  The process works like this:

  • Register for mobile banking on the bank’s PC website.  You need to provide your mobile number, mobile provider and a four digit mobile banking pin.
  • You will recieve a text message containing a link to a one-time mobile banking URL and a six digit one-time password .  Click the link and enter your login ID and mobile pin.  The one-time password is only needed  If your phone or provider doesn’t allow you to click on links in URLs, in which case you have to go to and enter your ID, one-time password and mobile pin
  • Each time you successfully log into mobile banking the bank sends a new SMS with a new one-time URL and password. If you don’t receive the SMS or accidentally delete it, there’s a button on the mobile login screen to request a new one.

First Interstate Bank Login ScreenThe use of  something the user knows (the mobile pin) and something the user has (the mobile phone containing the one-time PIN or URL) makes this a two-factor authentication system.  Bank auditors generally insist on two factor authentication for mobile banking.  Other mobile banking solutions  have implemented two-factor security using a downloadable app with embedded unique identifier or cookies. I’ve also seen systems requriring the user to answer a secret question chosen at random from a list of questions and answers submitted by the user at signup which isn’t really two-factor as both the PIN and secret question are both things the user knows.  The solution used by First Interstate is more portable than requiring the user to download an application which would only work on some phones, much more reliable than cookies and more user friendly than the secret question approach.  The downside is that the user has to pay for receiving a text message every time they use the service.

If any of my readers have used First Interstate’s mobile banking, I love to receive comments about how well it works and if the cost of the text messages is a concern.

Mobile Link:

Ratings: Content: ****_ Usability: XXXX_

Filed In: Business/Banking and Payments

4 thoughts on “First Interstate – Mobile Banking Security Using SMS

  1. ok i was wondering if there was a way to get updated text messages to my cell with out haveing to log in or stuff like all this logging in an pin numbers an passwords an so on” its not my thing but yeah can you guys do that like send me updated balances every so offten”

  2. hello ” i really want to upload your banking link for i do have acct with first interstate but i really dont understand by what you mean by all the log in pins an so on” its sort of confuseing to me iam just use to logging in once an thats it what other easy ways is there it use or i can use i just want to check my banking acct an blance,s at time other then going to the ATM all the time i got a smart phone can i just log in your what ever an leave at that an so i can just touch the icon app an see my balance i have up to date i like it that way its a easyer way for me to use can i do that if i use the app you offer other then a new password an pin or do i have to create a whole new pin number will this affect my ATM card pin too just wondering if there was a easyer way to use your app.

    • It’s not my app, it’s First Interstate’s. You will need to contact them for help.

      Also this article is five years ago and doesn’t apply to the current First Interstate mobile Webapp.

Comments are closed.