Banks like UBS and HSBC are considered safe for business, but others are vulnerable to cyber attacks and theft, according to the latest research by security firm Braintree.
Security experts are warning about the risks of banking online and in the age of the social media.
“The bank has got to get to grips with its own digital identity and how do you ensure your bank is not hacked and how does that balance with its existing data,” said Chris Lister, chief executive of security consultancy Kaspersky Lab.
“And the fact that so many other banks are not really doing the same thing makes it really hard to be confident that it will be able to secure its account,” he said.
The bank is the only one of the top five in the world that hasn’t yet set up a secure cloud-based digital identity service.
The Braintrees research found that UBS is the most vulnerable to breaches.
In addition, HSBC is the second most vulnerable bank, with a vulnerability rating of three.
“This is an area that has become very important,” said Lister.
“Because of the amount of personal data that people are sharing online, it is going to become more and more difficult to have secure banking for the longer term.”
The research also revealed that while banks were well aware of the threat, they were not properly taking action.
“You need to be proactive,” said the research.
“We think that the best way to ensure your data is secure is to use a service that can provide that service.”
Braintree analysed 1.5 million data points from more than 80,000 online accounts of US and international customers, including credit and debit card details and bank accounts, to see how the banks were using the technology to protect their information.
Its data showed that some banks had taken a more proactive approach, but not all.
“There are definitely some areas where the banks have not done a good job of addressing the issue,” said Kasperski Lab researcher Chris Lander.
“A lot of the banks are using these platforms as a way to protect data from being accessed.”
He said some banks have been too slow to get the message out to customers.
“I think it’s really important that the banking industry starts to take a different view on how they want to go about it,” he added.
The report also revealed some other issues.
Banks were using social media platforms to share their personal information, and many were sharing it in an effort to get around the Bank Secrecy Act, which bars the sharing of personal information without the authorisation of a bank.
“Social media platforms are very valuable to banks for marketing and to communicate with customers and to promote products,” said Richard Smith, a senior vice president of consumer security at the US-based consultancy iSecurity.
“If people are getting their information from a bank that’s not doing anything to address the problem, I think that’s going to have a significant impact on their confidence in the bank.”
Banks had also started using social platforms to advertise their products.
“These are really valuable tools for marketing,” said Smith.
“People are going to use these platforms for advertising to get a sense of what the bank offers and how much money is available for credit.”
But the report found that social media accounts were being used by other financial institutions to promote their own products and services.
“We found that a lot of banks were promoting products that they had no business providing, and some were offering services that were actually less than useful,” said Rob Wiesenthal, a security analyst at Kasperskin.
“It’s going too far.”
Some banks were also using mobile banking apps to share data with each other and to sell personalised products, like security alerts.
“Mobile banking is not the way to go, and this isn’t a good thing,” said Wieshenges.
“Banks are already starting to see the benefits of mobile banking and they are not going to make that leap unless they have some real understanding of what it is that they are selling.”
Brains, not brawn’Brains has had a tough time coping with the recent wave of ransomware attacks.
“Ransomware attacks are becoming a real issue and we have to do something about it, but the problem with cyber attacks is they don’t just come in the form of ransomware,” said a senior banker at a major US bank.
Brains also said it would be tough to make its products more secure if it wasn’t able to collect data.
“For our customers, we don’t know what the next step is going the next way.
We don’t even know what it’s going the first way,” said Brains’ chief digital officer, Richard Hoberman.”
But we are not worried about this at all.
We are just focused on building a world where our customers trust us,” he told Reuters.”
That’s what’s so exciting about us.”
But banks have already started to adopt more