Revealed: who’s rated best and worst for your online banking

NATIONWIDE has been rated the top financial institution for online banking by the consumer organisation Which?.

The building society – which owns the Dunfermline Building Society – was ranked top for security and usability in a study carried out for the consumer watchdog’s magazine – closely followed by Edinburgh-based financial giant Royal Bank of Scotland.

The pair were both rated “good”, alongside four other banks – including the Clydesdale – in Which? magazine’s survey of 12 financial institutions.

But rival Lloyds Banking Group fared less well. Its Lloyds TSB brand was given only a “satisfactory” rating – coming under fire for “pretty weak” login and logout security – while sister company Halifax was one of only two banks to be rated “poor”.

Which? said customers should make sure they are aware if their account has been hacked.

“With so many of us doing our banking online these days, it’s important that banks’ security is up to scratch,” said Which? executive director, Richard Lloyd.

“If you find you’ve been a victim of fraud, then contact your bank immediately.

“They can only refuse to refund you if they can prove you were negligent or you acted fraudulently. If your bank refuses a refund, you can take them to the financial ombudsman.”

RBS, along with Natwest, was given a 63 per cent rating for its online security. Which? said the bank had been let down by its login system, which it said left customers open to potential hacking by “keyloggers”.

Keylogging – when a computer user’s keystrokes are recorded by a virus or device and sent straight to a hacker, allowing them to record passwords – is one of the major threats to online banking users.

A spokesman for RBS said: “We’ve invested significant resources into the security we provide for our customers and we’re delighted this has been recognised by Which?.”

Which? added that the “man-in-the-browser” attack had become increasingly common. A type of Trojan virus, the MitB infects the web browser and can alter transactions – so online banking customers may think they are paying a bill as normal, but the destination bank and account, and even the amount, have been changed.

The consumer group recruited 12 volunteers, each banking with a different institution, to log in to their current account using a special computer. They then assessed the banks’ customer-facing security measures.

Halifax came under fire for its weak online security measures.

“For such a significant brand, security was surprisingly poor,” the report said.

But parent company Lloyds Banking Group defended its online banking services.

“Our customers’ banking security is of upmost importance and we are continuing to work and invest in our online channel to provide thorough protection,” said a spokeswoman.