Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Half of UK Banks Slammed for Poor Customer Security

Consumer rights group Which has claimed more than half of the UK’s major high street lenders are still failing to provide customers with two-factor authentication to help protect their accounts.

The group tested customer-facing security at 11 banks and reported that for the fourth year in a row the Lloyds Banking Group – Lloyds, Halifax and Bank of Scotland – plus Santander and TSB came bottom of the pile.

First Direct and HSBC topped the list, followed by Barclays, M&S Bank and Nationwide.

Managing director of Which Home & Legal, Alex Neill, argued that the best performing banks use 2FA but in a way that doesn’t impact usability.

“Online banking is increasingly part of our daily lives and at the same time online scams are becoming more sophisticated,” he added. “People can only do so much to protect themselves from fraud, it's time for banks to shoulder more of the responsibility and introduce extra protections to safeguard their customers.”

The organization will be using its weight to call on the financial regulator to see if there’s anything that can be done to force lenders to improve customer-facing security.

The news comes as the latest crime stats from the Office of National Statistics reveal a 13% year-on-year increase in bank and credit card fraud in the UK – although the ONS was at pains to point out these are still “experimental statistics” based on just half the normal sized group of interviewees.

In total, there were 3.6 million cases of fraud over the past year, although this includes non-computer based scams.

John Marsden, head of ID and fraud at Equifax, explained that fraud is being fuelled by the sharing of knowledge and consumer data across the dark web.

“Data shared on the dark web can’t be treated as a one-time event; the data never truly vanishes and can spread globally in a short amount of time, enabling criminals to fraudulently takeover accounts and identities,” he added.

“To reduce the risks and damage associated with fraudulent activity, more needs to be done to educate the public and give them a stronger chance of protecting themselves.”

What’s Hot on Infosecurity Magazine?