Which banks have the worst online security?
Santander came bottom of the class with a mark of 47%, while NatWest and RBS came top with an overall score of 76%. The banks were scored on: login security, logout security, transferring money, changing account details, navigation and the level of encryption used to protect information.
Santander's downfall came from the way it dealt with logout security, not to mention poor navigation and the login procedures. Responding to the results, Santander said: “We have taken on previous feedback from Which!! and enhanced the visible and invisible layers of security in our systems. This means when you log off, you are completely logged off and cannot get back in without re-entering security details. While we ensure online banking is safe and secure, we also have to make sure it’s user-friendly as well, to strike the right balance."
Which!!!!! said that, along with HSBC, NatWest and RBS were the only banks which logged the user out when they tried to log on from two different IP addresses at the same time, while the Co-operative Bank and HSBC scored highly for encryption protection.
First Direct achieved a worse score than Santander with 46% overall, however, they weren't included in the results as they carried out changes to its online security since the investigation took place in July.
The scores as as follows: NatWest/RBS 76%, The Co-operative Bank 72%, HSBC 72%, Barclays 71%, Norwich & Peterborough 70%, LloydsTSB 69%, Nationwide 69%, Smile 68%, Halifax 67%, Santander 47%.