Online Bank security worsens

**Glaswegian** · 06-14-2007, 12:06 PM

Banks' online security is getting worse as they rush to offer services online, according to new research.

This year's Annual Security Report from NTA Monitor, a security testing firm, found that 20 percent more security vulnerabilities turned up in the infrastructures of banks, building societies and other financial institutions compared with last year's report. The survey covers networks, applications and systems.

http://www.techworld.com/security/ne...SS&NewsID=9162

**Kalim** · 06-15-2007, 05:26 PM

Yeah, it's true. I've quit dealing with online banking since February because of more details expanding on the real threats and weaknesses.

bcook8033 · 05-22-2008, 09:18 PM

I know this is old, but ... from the tech world article: "Another common problem was expired SSL certificates, which force users to acknowledge that they know the certificate is invalid before they can access the site."

What kinds of banks and financial institutions did they study? I've never seen a reputable bank use an expired SSL certificate on their Internet banking website. The information security of banks are audited way more than other industries, as it should be.

I'll tell you what I'm leery of ... bank aggregators. It's amazing how many people trust these companies besides their bank to manage access to their Internet banking with names like Yodlee. Talk about a vulnerability.

---------------------------------
Web Developer
CoNetrix Information Security and Compliance

06-14-2007, 12:06 PM	#1 (permalink)
Glaswegian Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic Join Date: Sep 2005 Location: Glasgow Posts: 21,378 OS: Win XP Pro SP3 My System Blog Entries: 10	Online Bank security worsens Banks' online security is getting worse as they rush to offer services online, according to new research. This year's Annual Security Report from NTA Monitor, a security testing firm, found that 20 percent more security vulnerabilities turned up in the infrastructures of banks, building societies and other financial institutions compared with last year's report. The survey covers networks, applications and systems. http://www.techworld.com/security/ne...SS&NewsID=9162 __________________ Iain - Defender of the Haggis and all things Scottish. I don't help by PM - post in the Forums. Ad-Aware::SpywareBlaster::SpyBot::SpywareGuard::SnoopFree::AVG Free::HOSTS File::HijackThis::Donate::5 Steps For Infected PCs

06-15-2007, 05:26 PM	#2 (permalink)
Kalim Roaming To Help Join Date: Nov 2006 Posts: 5,609 OS: Many	Re: Online Bank security worsens Yeah, it's true. I've quit dealing with online banking since February because of more details expanding on the real threats and weaknesses.

05-22-2008, 09:18 PM	#3 (permalink)
bcook8033 Registered User Join Date: Apr 2008 Posts: 5 OS: xp	Re: Online Bank security worsens I know this is old, but ... from the tech world article: "Another common problem was expired SSL certificates, which force users to acknowledge that they know the certificate is invalid before they can access the site." What kinds of banks and financial institutions did they study? I've never seen a reputable bank use an expired SSL certificate on their Internet banking website. The information security of banks are audited way more than other industries, as it should be. I'll tell you what I'm leery of ... bank aggregators. It's amazing how many people trust these companies besides their bank to manage access to their Internet banking with names like Yodlee. Talk about a vulnerability. --------------------------------- Web Developer CoNetrix Information Security and Compliance