The banks with the worst online banking security


Updated on 24 September 2013 | 0 Comments

New research has put online banking safeguards to the test. How did your bank get on?

Santander is the worst bank when it comes to protecting the online security of its customers, according to new research from consumer champions Which?

Which? investigated ten banks and building societies in July, with the help of security firm Pen Test Partners. Santander came bottom with a mark of 47%, while NatWest and RBS came top with an overall score of 76%.

Which? asked one customer from each bank to log into their current accounts using a test computer and perform a range of normal tasks.

The banks were scored on: login security, logout security, transferring money, changing account details, navigation and the level of encryption used to protect information transmitted across the internet.

The results

Here’s how the banks and building societies included in the investigation performed.

Bank/ building society

Overall security score

NatWest/Royal Bank of Scotland

76%

The Co-operative Bank

72%

HSBC

72%

Barclays

71%

Norwich & Peterborough BS

70%

Lloyds TSB

69%

Nationwide

69%

Smile

68%

Halifax

67%

Santander

47%

Source: Which?

Santander was found to be the worst bank for online security. According to Which? the bank’s downfall was the way it dealt with logout security, but it also scored poorly on navigation and the login procedure.

Responding to the results, Santander said: “We have taken on previous feedback from Which? and enhanced the visible and invisible layers of security in our systems. This means when you log off, you are completely logged off and cannot get back in without re-entering security details. While we ensure online banking is safe and secure, we also have to make sure it’s user-friendly as well, to strike the right balance.”

The safest banks

So NatWest and Royal Bank of Scotland (RBS) proved to be the best for online banking security.

They don't require a card reader for logging in but it is needed for tasks such as transferring money or changing the password on the account – areas fraudsters are likely to target.

Which? said that, along with HSBC, NatWest and RBS were the only banks which logged the user out when they tried to log on from two different IP addresses at the same time. The account was then locked for ten minutes to deter the hacker.

The Co-operative Bank and HSBC came joint second with 72%, followed by Barclays on 71%. All three scored highly for encryption protection and the levels of security around setting up a new payee.

What about First Direct?

First Direct, a subsidiary of HSBC, actually achieved a worse score than Santander with 46% overall.

However, it was not included in the results as it has carried out changes to its online security since the investigation took place in July.

Now First Direct will be offering customers the chance to use a physical or a digital secure key, which will generate a random code to log in to online banking.

Customers will be given a choice, but those who opt out will only be able to access a limited version of the site with limited functionality.

Considering HSBC did so well, it's surprising First Direct has taken so long to catch up.

The safest accounts

If you're worried about the level of security your bank provides online, you can now easily switch in just seven days thanks to the new Current Account Switch Service. Read more about it in How to switch your current account in 7 days.

NatWest and RBS both offer up to 1% cashback on certain debit card spends in store and online with their Select, Select Silver, Select Platinum or Black current accounts.The NatWest and RBS Select Accounts are the only accounts that are fee free.

The Co-operative Bank has a Standard Current Account which gives exclusive offers on loans and Cash ISAs, while the Current Account Plus also comes with a fee-free £200 overdraft and exclusive offers on credit cards as well as loans and ISAs.

HSBC has an account called Advance which comes with a range of benefits like worldwide travel insurance and breakdown assitance but it charges a monthly fee of £12.95. The fee-free HSBC Bank Account will get you access to exclusive HSBC mortgages and savings.

Elsewhere Lloyds and Nationwide can offer good levels of in-credit interest. You can add something called Vantage to any Lloyds TSB current account which allows you to earn 3% on balances between £3,000 and £5,000, while Nationwide's FlexDirect will pay 5% for a year on balances up to £2,500.

Keeping safe online

Online banking fraud losses are on the rise, up to £40 million last year, according to Financial Fraud Action UK.

So it’s important to keep safe when using online banking. Here a few simple steps to follow to avoid being caught out:

  • Avoid public computers or public Wi-Fi hotspots when using online banking
  • Secure your home wireless network so others can’t access it
  • Keep your antivirus software up to date
  • Never leave your computer logged in – make sure you log out fully
  • Look for the locked padlock or unbroken key when banking online
  • Don’t open emails from unknown sources
  • Don’t write passwords down in full or share with anyone. For more help on passwords read How to protect your PINs and passwords
  • Don’t share your details with anyone over email or by phone even if they claim to be from your bank.

For more tips read our article Online banking: How to stay safe.

More on banking

Britain's worst bank revealed!

Why some current accounts are better than savings accounts

Five places where you can get an overdraft for free

Are these Britain's best bank accounts?

Comments


Be the first to comment

Do you want to comment on this article? You need to be signed in for this feature

Copyright © lovemoney.com All rights reserved.

 

loveMONEY.com Financial Services Limited is authorised and regulated by the Financial Conduct Authority (FCA) with Firm Reference Number (FRN): 479153.

loveMONEY.com is a company registered in England & Wales (Company Number: 7406028) with its registered address at First Floor Ridgeland House, 15 Carfax, Horsham, West Sussex, RH12 1DY, United Kingdom. loveMONEY.com Limited operates under the trading name of loveMONEY.com Financial Services Limited. We operate as a credit broker for consumer credit and do not lend directly. Our company maintains relationships with various affiliates and lenders, which we may promote within our editorial content in emails and on featured partner pages through affiliate links. Please note, that we may receive commission payments from some of the product and service providers featured on our website. In line with Consumer Duty regulations, we assess our partners to ensure they offer fair value, are transparent, and cater to the needs of all customers, including vulnerable groups. We continuously review our practices to ensure compliance with these standards. While we make every effort to ensure the accuracy and currency of our editorial content, users should independently verify information with their chosen product or service provider. This can be done by reviewing the product landing page information and the terms and conditions associated with the product. If you are uncertain whether a product is suitable, we strongly recommend seeking advice from a regulated independent financial advisor before applying for the products.