Online banking security rated

Banking security & new ways to pay

Online banking security rated

By Zoe Blackler

Article 3 of 4

Put us to the test

Our Test Labs compare features and prices on a range of products. Try Which? to unlock our reviews. You'll instantly be able to compare our test scores, so you can make sure you don't get stuck with a Don't Buy.

Which? has rated 11 UK banks on the security of their online banking. How does your bank's online security measure up?

Increasingly fraudsters are using personal information to gain victims’ trust, to trick them into moving money themselves. So we've examined the security protecting tasks such as moving money, but also whether criminals would be able to penetrate the first level of security - login - and access your financial details, which they could use to convince you that you’re talking to your bank.

Volunteers with current accounts at 11 banks carried out a series of tasks, and security experts rated the customer-facing safeguards. All the banks were broadly secure but only five have two-factor authentication at login. This combines two types of ID checks – typically a password or Pin plus a card reader or device - to generate a single-use passcode.

To access this review and thousands of others, sign up for a £1 trial. Or if you're already a member, log in to see our reviews.

Know your rights: I think I've given a fraudster my bank details - we show you what to do

Online banking security rated

The table below shows how each bank fared for the main factors we tested. The more stars the better.

Online banking security rated
  Login Encryption Account management Navigation and log out Total score
Subscriber only content 78%
Subscriber only content 76%
Subscriber only content 75%
Subscriber only content 73%
Subscriber only content 73%
Subscriber only content 68%
Subscriber only content 64%
Subscriber only content 62%
Subscriber only content 62%
Subscriber only content 59%
Subscriber only content 56%

Find out more: Bank accounts - more than 50 current accounts rated

Our online banking security tests

We awarded marks for each part of the test, with login given greater weighting, to reflect the threat from hackers stealing your financial information. Our tests included:

  • Logging in, which included whether login involves two-factor authentication, as well as the other information required to log in and password complexity. It also examined the process for resetting a forgotten username or password.
  • Account management, which covered setting up a new payee and transferring money, and changing password and address.
  • Encryption, including the front-end security aspects of logging in, such as how safely your information is transmitted when you connect to the site.
  • Navigation and logout, which covered the logout process, whether the site prevents you from from using the ‘back’ button to access a previous secure session and whether it allows for two sessions to be open simultaneously on two different browsers or devices.