With 90% of consumers worrying about having their online financial accounts hacked, ensuring that online banking is protected from phishing attacks and other vulnerabilities is essential, especially as 76% of data breaches are financially motivated.

However, according to Sectigo, an issuer of online security certificates, many banking websites do not have Extended Validation certificates to prove that they are legitimate and secure.

Online security certificates are what proves that a website is authentic and that any information sent through the website is secure and encrypted. An Extended Validation (EV) certificate is the maximum level of identity verification.

Sectigo assessed websites based on whether they had digital certificates provided by a Certificate Authority.

It rated each bank’s website according to the type of digital certificate used to secure the login pages for the bank’s online banking service. “Green” status was awarded to websites with EV certificates on the home and login pages. Websites without an EV certificate received a lower rating, or a “yellow” status. Fortunately, no banks in the study displayed “Not Secure” warnings, which would warrant a “red” status.

The study found that 25% of European banks did not have the highest, meaning customers may be vulnerable to phishing scams. Furthermore, 40% of North American banks did not follow best practice when it comes to security certificates.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

This could impact the level of trust banks have from their customers, with the authenticity of their bank’s website a key part of ensuring trust. Eight out of ten people report that an EV certificate influences their perception of a brand or company and 50% indicate it has a significant influence.

To improve online security while banking, Sectigo advises that customers always look for the full name in the address bar to check that the site is authentic, to never input sensitive payment information on a page not secured with SSL certificate, and to avoid unsolicited emails or clicking links.

Tim Callan, senior fellow at Sectigo said:

“Online criminals routinely use counterfeit websites to trick consumers into unknowingly providing valuable information such as account logins, credit card numbers, and personally identifiable information that can be used for identity theft.

“To give customers peace of mind, financial institutions can deploy Extended Validation SSL certificates to communicate the bank’s verified identity to site visitors right in the browser’s interface. The findings of Sectigo’s study serve as a reminder for banks to pay attention to their online presence, not only to protect customers from phishing, but also to convey that necessary protections are in place.”


Read moreWorried about the safety of internet banking? Here are 5 ways to stay secure online