Posted September 5, 2009 by Simon in News

Security survey highlights differences between banks


A survey by Which? Computing has highlighted that some of Britain’s biggest banks appear to be leaving their customers’ online accounts vulnerable to fraud because of poor security.

Abbey and Halifax fared worst in the review on their security measures, whereas Which? Computing experts rated Barclay’s as the top provider.

The initial log in process was a key area reviewed, as this is seen as the most vulnerable aspect to an online banking site.  Halifax were deemed as one of the worst on this, as although they require 3 items of security information, all of them are typed in by the user.

Typing can be risky, as if your PC is infected with a key-logger virus, this will potentially store all of your keystrokes, with the aim to record your passwords being entered.  Its been believed that the majority of online banking fraud is as a result of key-logging viruses, with an estimated £52.5m defrauded in 2008, which is twice the amount recorded in 2007 (£22.6m)

A way round the key-logging viruses is to use drop-down menus, something that both Barclay’s and Lloyds TSB require their users to use when logging into their sites, hence their better ranking in this survey.

Auto log-out of online banking sites was also looked at, as leaving a banking session without logging out can be dangerous on a shared or public PC.  Abbey, Alliance & Leicester, HSBC and Halifax were all marked down on this, as users were not immediately logged out if they browse to another web page without logging off.

Transferring monies within online banking was the final scrutinized part of online banking, as control on this can be essential if a criminal hijacked your session.  Abbey, First Direct, Halifax and HSBC were all seen as the least protected in relation to this.

How good is your bank’s consumer-facing security?
  • Excellent – Barclays
  • Good – First Direct, Lloyds TSB, Nationwide, NatWest, RBS
  • Average – Alliance & Leicester, HSBC
  • Poor – Abbey, Halifax

Sarah Kidner, Editor, Which? Computing summarised the results:

“There are surprisingly big differences between big banks’ visible online security systems. Some simple measures, like the use of drop-down menus, could improve safety considerably. The banks may say it’s the hidden security measures that count, but to have real confidence in an online account, customers need to see security in place.”