Do you bank online? If so, your transactions might not be as secure as you’d hoped. New research from the University of Michigan, which studied 214 US bank sites, has determined that three-quarters of them have flaws in their design that could end up compromising consumer security, according to a ZDNet report.
Two common problems were putting secure login boxes on insecure pages, leaving them open to spoofed pages and rerouted pages, and also having security advice and contact information on insecure pages. Both could be addressed by using SSL (secure socket layer) protocol on the pages.
Atul Prakash, a professor in the University of Michigan’s Department of Electrical Engineering and Computer Science, who conducted the study in 2006 with two doctoral students, and has been checking sites since, said:
“To our surprise, design flaws that could compromise security were widespread and included some of the largest banks in the country. Our focus was on users who try to be careful, but unfortunately some bank sites make it hard for customers to make the right security decisions when doing online banking.”
Additionally, 31% of banks e-mail sensitive information like statements and passwords, even though e-mail is insecure.
