Nearly 7 in 10 Major US Banks Fail Web Security Testing

Banks and other financial institutions need to take proper security measures to protect customer funds. Worryingly, this does not appear to be the case for many banks. A new report by Online Trust Alliance paints a troubling picture. They claim nearly seven of every ten US banks failed web security testing. Such a high number is absolutely unacceptable in this day and age of theft and data breaches.

US Banks are in a Security Pickle

Trust in banks and other financial institutions is at an all-time low right now. Consumers of all ages are use banks to secure their money, but they are less eager to do so. There are many different reasons for this, including the fact of how customer support seems to get worse every year. Additionally, most banks are shifting to a digital-only approach which does not inspire confidence in its users.

With this growing focus on digitization and mobile support, one would expect these banks to take the necessary security precautions. Sadly, that does not appear to be the case. In fact, the majority of US banks failed web security testing. Considering how the Online Trust Alliance audited over 1,000 banking websites around the world, it is disconcerting to see US banks come out as the worst.

What is even more troubling is how these US banks fail in both security and privacy. While they can be mutually exclusive in some cases, no bank should fail either of these. Not being able to reach a security score of 80% or higher in 2017 is unforgivable. This score is based on consumer protection, security, and privacy. Failing in any of these “sectors” will eliminate any chance of reaching 80%.

Even though the 2017 survey is not all that positive for banks, there are some good general conclusions in the report. More sites qualified to potentially achieve the 80% score. This number is up by 5% compared to the year prior. Sadly, this does not translate to positive numbers for US-based institutions. Of all major US banks, only 27% made the 80% cut. That is a 28% drop compared to 2016. The US clearly needs to catch up with the rest of the world.

These US banks are also more prone to data breaches. While most banks will publicly state they take security and privacy very seriously, this report tells a very different story. Something needs to change over the coming months, though this report does not legally require action. The US banking sector has slipped backward when it comes to security in 2016.

Dumb mistakes will always remain the number one issue for any institution, regardless of its size. A consistent approach to managing access and security can go a very long way. For some reason, most US banks are unwilling to take this tried and tested approach to keeping customer data safe. Countermeasures are simple and inexpensive, yet security is still considered an area which does not require much attention. If this trend continues, things are not looking all that great for US bank customers.

Leave a Reply