How secure is my bank's website?
I don't know a single large bank that does not offer its customers a way to use a website to do their transactions (known as online banking). There is unfortunately no single standard set for bank websites, and many companies tend to misjudge the importance of a secure website. The Secure Web Bank website analyzed websites of financial institutes in the US, Canada and Europe to see whether standard security features such as https (SSL) and two-factor authentication were supported on the websites to protect customer accounts.
If you take a look at this list you see that all European and Canadian banks but one are offering (most require) SSL login pages and that about 50% of the US banks offer ssl as an option.Customers are at great risk here, especially if they connect to their bank's website from a public network and connect to its http address as attackers can then record the information that are transferred between the bank's server and the customer. Banks can prevent this by enforcing the use of https on all of their pages.
It is important to get banks to implement these security precautions, and if you happen to have accounts at a bank that does not, I highly recommend you contact them to get them to make the necessary changes. If the bank does not, it may be time to change to another bank that takes online safety serious, or not use the online banking portal at all.
If your bank is not on that list, or if you just want to check the security of your bank's website right now, you can simply open the site in a web browser of your choice to do so. First thing that you need to take a look at is the protocol used. If you see https, you know that SSL is used. For that, you obviously need to load the log in page on the bank website, as the default landing page may not make use of SSL at all. Here is a screenshot of how this should look like.
As far as two factor authentication goes, you will often find information about this on the bank's website as well, but if you do not, contact customer support to find out. Banks may for instance use a mobile TAN system that is sending a code to the phone of the customer which needs to be entered to complete transactions.Advertisement