Warning to online banking customers after concerns about exposure to fraud

According to consumer watchdog Which ?, people who use online banking services are at risk of fraud.

He urged banks to “improve their game” by improving online protections and banning customers from choosing pass codes that are insecure.

The Consumer Champion worked alongside security firm 6point6 to investigate 15 of the largest banks that provide checking accounts, such as reported by Hull Live.

READ MORE – Janey Godley shares health update after surgery as fans offer support

The survey assessed banks on criteria such as strength of protection and encryption, login, account management and browsing.

According to research, six popular banks allow users to set insecure passcodes that include their names.

These were Santander, HSBC, The Co-operative Bank, Virgin Money, NatWest and Starling.

Get all the latest Glasgow news and headlines delivered straight to your inbox twice a day by signing up to our free newsletter.

From the latest news to the latest on the coronavirus crisis in Scotland, we’ve got you covered.

The morning newsletter arrives every day before 9 a.m. and the evening newsletter, manually curated by the team, is sent out between 4 p.m. and 5 p.m., giving you a summary of the most important stories we covered that day.

To register, simply enter your email address in this link here.

Santander told who? this was in the process of being removed, while NatWest and Virgin Money said it could now increase password limitations.

TSB, Lloyds, Metro, Nationwide, Santander and the Co-operative Bank have also used texts to verify people when logging in, leaving messages at risk of being hijacked by cybercriminals. noted.

Santander and the Co-operative Bank told Which? they were trying to get away from it.

Which? also claimed that Nationwide, TSB and Virgin Money do not use software to ensure that fraudulent messages sent by potential scammers are blocked or quarantined by an email provider.

The TSB said to what? it has since introduced this protection, while Virgin Money has said it is in the process of doing so and Nationwide has said it has “a range of email security controls” to protect members.

HSBC scored highest for online banking security, scoring five stars for website encryption and account management. First Direct, a division of HSBC UK, has been ranked # 1 in Mobile Application Security.

Metro Bank was ranked last for online security, while Monzo was ranked last by Which? for the security of mobile applications.

Which? said Monzo didn’t ask people to log in every time, with the bank saying it was a “conscious design decision to strike a balance between risk and customer experience.”

A spokesperson for Monzo said: “We strongly disagree with this assessment. Since every sensitive action or payment requires a customer to provide additional authentication in the form of a PIN or biometric data, the risk associated with staying signed in to the Monzo app is extremely low.

“We take security very seriously and focus on the policies and practices that we believe to be the safest for Monzo customers. “

Metro Bank said, “Like all financial institutions, we must remain vigilant to protect our systems and our security.

“In addition, we work collectively with other banks to protect ourselves against fraud. We take the safety of our customers very seriously and have a range of protections in place. “

Which? said every bank and mortgage company has behind-the-scenes security processes that cannot be legally tested.

Jenny Ross, which one? Money Editor said, “Banks must lead the battle against fraud, but our security tests have revealed worrying loopholes when it comes to protecting people from the threat of having their accounts compromised.

“Our research reinforces the need for banks to improve their level of fraud prevention by using the latest protections for their websites and by not allowing customers to set insecure passwords. We also want banks to stop sending sensitive data to customers by text message, as this could leave the door open for fraudsters. “

The TSB said it had several security features that were not factored into the results and emphasized its fraud reimbursement guarantee.

Virgin Money said: “We continuously monitor, evaluate and improve our security controls. ”

Co-operative Bank said it is constantly reviewing controls to keep banking operations secure.

HSBC Group said, “We deploy advanced cybersecurity controls and identify and respond to threats in a timely manner. “