The banks with the worst online banking security
New research has put online banking safeguards to the test. How did your bank get on?
Santander is the worst bank when it comes to protecting the online security of its customers, according to new research from consumer champions Which?
Which? investigated ten banks and building societies in July, with the help of security firm Pen Test Partners. Santander came bottom with a mark of 47%, while NatWest and RBS came top with an overall score of 76%.
Which? asked one customer from each bank to log into their current accounts using a test computer and perform a range of normal tasks.
The banks were scored on: login security, logout security, transferring money, changing account details, navigation and the level of encryption used to protect information transmitted across the internet.
The results
Here’s how the banks and building societies included in the investigation performed.
Bank/ building society |
Overall security score |
NatWest/Royal Bank of Scotland |
76% |
The Co-operative Bank |
72% |
HSBC |
72% |
Barclays |
71% |
Norwich & Peterborough BS |
70% |
Lloyds TSB |
69% |
Nationwide |
69% |
Smile |
68% |
Halifax |
67% |
Santander |
47% |
Source: Which?
Santander was found to be the worst bank for online security. According to Which? the bank’s downfall was the way it dealt with logout security, but it also scored poorly on navigation and the login procedure.
Responding to the results, Santander said: “We have taken on previous feedback from Which? and enhanced the visible and invisible layers of security in our systems. This means when you log off, you are completely logged off and cannot get back in without re-entering security details. While we ensure online banking is safe and secure, we also have to make sure it’s user-friendly as well, to strike the right balance.”
The safest banks
So NatWest and Royal Bank of Scotland (RBS) proved to be the best for online banking security.
They don't require a card reader for logging in but it is needed for tasks such as transferring money or changing the password on the account – areas fraudsters are likely to target.
Which? said that, along with HSBC, NatWest and RBS were the only banks which logged the user out when they tried to log on from two different IP addresses at the same time. The account was then locked for ten minutes to deter the hacker.
The Co-operative Bank and HSBC came joint second with 72%, followed by Barclays on 71%. All three scored highly for encryption protection and the levels of security around setting up a new payee.
What about First Direct?
First Direct, a subsidiary of HSBC, actually achieved a worse score than Santander with 46% overall.
However, it was not included in the results as it has carried out changes to its online security since the investigation took place in July.
Now First Direct will be offering customers the chance to use a physical or a digital secure key, which will generate a random code to log in to online banking.
Customers will be given a choice, but those who opt out will only be able to access a limited version of the site with limited functionality.
Considering HSBC did so well, it's surprising First Direct has taken so long to catch up.
The safest accounts
If you're worried about the level of security your bank provides online, you can now easily switch in just seven days thanks to the new Current Account Switch Service. Read more about it in How to switch your current account in 7 days.
NatWest and RBS both offer up to 1% cashback on certain debit card spends in store and online with their Select, Select Silver, Select Platinum or Black current accounts.The NatWest and RBS Select Accounts are the only accounts that are fee free.
The Co-operative Bank has a Standard Current Account which gives exclusive offers on loans and Cash ISAs, while the Current Account Plus also comes with a fee-free £200 overdraft and exclusive offers on credit cards as well as loans and ISAs.
HSBC has an account called Advance which comes with a range of benefits like worldwide travel insurance and breakdown assitance but it charges a monthly fee of £12.95. The fee-free HSBC Bank Account will get you access to exclusive HSBC mortgages and savings.
Elsewhere Lloyds and Nationwide can offer good levels of in-credit interest. You can add something called Vantage to any Lloyds TSB current account which allows you to earn 3% on balances between £3,000 and £5,000, while Nationwide's FlexDirect will pay 5% for a year on balances up to £2,500.
Keeping safe online
Online banking fraud losses are on the rise, up to £40 million last year, according to Financial Fraud Action UK.
So it’s important to keep safe when using online banking. Here a few simple steps to follow to avoid being caught out:
- Avoid public computers or public Wi-Fi hotspots when using online banking
- Secure your home wireless network so others can’t access it
- Keep your antivirus software up to date
- Never leave your computer logged in – make sure you log out fully
- Look for the locked padlock or unbroken key when banking online
- Don’t open emails from unknown sources
- Don’t write passwords down in full or share with anyone. For more help on passwords read How to protect your PINs and passwords
- Don’t share your details with anyone over email or by phone even if they claim to be from your bank.
For more tips read our article Online banking: How to stay safe.
More on banking
Britain's worst bank revealed!
Why some current accounts are better than savings accounts
Five places where you can get an overdraft for free
Are these Britain's best bank accounts?
Comments
Be the first to comment
Do you want to comment on this article? You need to be signed in for this feature