Wells Fargo Bank said to improve online security

August 28, 2006

SAN FRANCISCO (BUSINESS WIRE) - Wells Fargo & Company announced today new upgrades to its online security platform designed to give customers and businesses even more protection in the fight against Internet fraud.

"The fight against online fraud is a continuous and comprehensive effort and an evolutionary process at Wells Fargo," said Jim Smith, executive vice president of Wells Fargo's Internet Channel and Products. "No one solution can solve the problem of online security. We favor a layered security approach to protect our most important assets: our customers."

As all banks will need to comply by year-end with the new Federal Financial Institutions Examination Council (FFIEC) guidelines, Wells Fargo is committed to meet and exceed them. Some of the new technologies that complement Well Fargo's security platform and each other's effectiveness include:

- A real-time risk analysis by Bharosa with data integrated from Quova Inc. that determines whether a customer is signing on from his/her usual location or if someone is trying to fraudulently login from a different PC and location.

- A risk management system by Actimize Inc. that detects fraud by analyzing transaction and session behavior.

- One-time passwords for customers' high dollar money movement applications, such as RSA Security's RSA SecurID(R) two-factor authentication tokens for small business customers.

"These are not the last of the upgrades," Smith said. "They are additional enhancements to our security in an ever-changing process to give the customer the utmost protection possible. Wells Fargo relies on a vigilant and steadfast approach to online security -- a layered approach and best-of-breed solutions -- to protect customers' information and funds in a way that is seamless and also does not inconvenience them."

Securely satisfying all of its customers' financial needs and helping them succeed financially has always been at the cornerstone of Wells Fargo's business. Smith said Wells Fargo stands behind the security of all its online transactions -- consumers and businesses -- with a 100% security guarantee -- even in the case of phishing, key logging and pharming. More information about how the guarantee works is available on Wells Fargo's Web site at www.wellsfargo.com. Wells Fargo's Commercial Electronic Office(R) (CEO(R)) -- the first of its kind single sign-on business portal -- has provided two-factor authentication since 2000. The CEO is used by two thirds of Wells Fargo's commercial banking customers and allows business customers to conduct 50 kinds of transactions online, from making loan payments to trading foreign exchange. In addition, Wells Fargo was the first major bank to make its entire Web site 128-bit encrypted, a system in place since November 2005.

Recognizing the need to help customers better protect themselves from identity fraud, Wells Fargo offers convenient account alerts delivered to customers' e-mail addresses. To help customers stay on top of recent account activity, they may sign up to receive specific alerts for checking, savings and credit card accounts, e-mailed to up to three chosen addresses. In 2004, Wells Fargo launched an intensive and ongoing public education campaign, BE SAFE Online, to provide customers with up-to-date tips to prevent, detect, and resolve fraud and identity theft. There is also a 12-question identity fraud safety quiz available on www.wellsfargo.com.

Additional commitments by Wells Fargo to help protect its customers include:

- Membership of the Symantec Phish Report Network, an extensive antifraud community where members collaborate to protect consumers and business from phishing threats. In addition, Wells Fargo works with Brandimensions to shut down phish sites.

Support of a broad-reaching study with an independent research organization, Javelin Strategy & Research, as part of its overall effort to educate customers on the key issues and tools for combating identity theft and online fraud. The Javelin study adds an important body of understanding on customer attitudes and behaviors surrounding identity theft -- the 5,000 respondents that contributed to this year's report represent the largest pool of nationally representative, phone-based consumer research done to date on the subject, seconded only by last year's study, which Wells Fargo also co-sponsored. (Source: Javelin Strategy & Research)

- The improvements, with customer education and other layered security controls, provide online customers with a high level of protection. For more than 150 years, Wells Fargo has stood as a symbol of strength and security, and managing authentication and security for online customers has been a primary focus since 1995, when the company was the first to launch account access on the Internet.

About Wells Fargo

Wells Fargo & Company is a diversified financial services company with $500 billion in assets, providing banking, insurance, investments, mortgage and consumer finance to more than 23 million customers from more than 6,200 stores and the internet (wellsfargo.com) across North America and elsewhere internationally. Wells Fargo Bank, N.A. is the highest credit-rated bank in the U.S., receiving an "Aaa" by Moody's Investors Service -- its top credit rating -- and "AA+" by Standard & Poor's Ratings Services.

####