Banking websites failing on security and privacy, claims Online Trust Alliance

Sector's performance marred by security breaches, low privacy scores and poor email security

Banking websites are struggling to maintain customers' trust due to failings in security and privacy, according to the Honour Roll: a list of the most trusted and secure online portals in the USA.

The list is part of the non-profit Online Trust Alliance's annual anonymous Online Trust Audit.

The consumer services industry was announced as the most secure, with 76 per cent of surveyed sites making the Honour Roll. Firms need to achieve an overall score of at least 80 per cent across three categories: domain, brand and consumer protection; site security and resiliency; and data protection, privacy and transparency. On the other end of the scale, very few of the top 100 US banks made the list: only 27 per cent, from 55 per cent in 2016.

The OTA says that the US banking sector had shown 'consistent, significant improvement' in its Honour Roll score up to 2016. However, its performance this year has been marred by data breaches, low privacy scores and low levels of email authentication. 65 per cent were said to have 'failed' the OTA's test - the most of any industry.

The American Bankers Association (ABA) has questioned the result. It says that the OTA's claim that 24 per cent of banks suffered a data breach in 2016 is false, with SVP of payments and cybersecurity Doug Johnson adding that banks "absolutely take privacy and security very seriously." The ABA was (in)famously hacked in 2015, shortly after it revealed that it was taking part in Cybersecurity Awareness Month.com - draw your own conclusions.

52 per cent of the 1,000 sites tested made the Honour Roll: a 5 per cent YoY increase. However, it also remarked on a three-year trend: sites either make the Honour Roll, or fail the audit. That means that they are either taking security seriously and do well, or lose focus in one or more important areas.

OTA Founder and Chairman Emeritus, Craig Spiezle said, "Data is the ‘oil' of the Internet economy." He told NBC News, "If this data is not secure and users have negative experiences, this ultimately threatens the future growth and revenue potential of the internet."