NatWest overhauls web security after online confrontation

NatWest improves the security of its main website

Banking firm NatWest has confirmed it's in the process of overhauling the security of its website following discussions with an expert who found a vulnerability.

According to the BBC, a researcher pointed out the fact that many banks use HTTPS connections on their online banking services but fail to implement this protection on their main websites.

The security expert, Troy Hunt, named NatWest as one of the banks that "needed fixing". He pointed out the flaw to the bank on Twitter, and it replied saying "Sorry you feel this way".

The bank has since told the BBC that it'll make the suggested changes within 48 hours and that it's been in touch with security experts on the issues raised.

Hunt detailed the flaw in a blog post, writing: "NatWest acknowledges that HTTPS is important because they have it on their login page and (presumably), all their banking pages.

"They're using HTTPS because of the aforementioned threats involving someone getting in the middle of the connection and messing with traffic.

"If someone is messing with traffic then they can modify non-secure requests."

The security expert said that cyber crooks are able to hijack the online banking service "nwolb.com" and direct visitors to websites with similar domains, such as "nuuolb.com".

Since the blog post began circulating on the web, the bank has acquired the "nuuolb" domain, which has angered Hunt. He said the bank has failed to see the point.

He said: "We're seeing 'Not secure' next to the address bar. I would opine that 'Not secure' is not what you want to see on your bank."

Speaking to the BBC, NatWest owner RBS said: "We take the security of our services extremely seriously.

"While we do not currently enforce HTTPS on some of our websites, we are working towards upgrading this in the next 48 hours."

First Direct is another bank that may be affected, but it too is looking at changes. It told the BBC: "This functionality is something we're currently reviewing."