The best and worst banks for online safety
Picking a bank that offers protection from scammers is just as important as an account that delivers interest, cashback or overdrafts
- (opens in new tab)
- (opens in new tab)
- (opens in new tab)
- Look After My Bills Newsletter Newsletter

Online security should be a crucial consideration for all of us when picking a bank account.
Most of us tend to focus on the individual features offered by the bank account when choosing where to keep our money. It might be that it pays a leading rate of interest on in-credit balances, or cashback on your household bills.
Alternatively, we might prioritise banks that offer a fee-free overdraft, or even a welcome bonus that can be worth hundreds of pounds.
However, just as important when selecting a bank is how well it can protect you from scammers and fraudsters. And a new study from Which? highlights some of the best and worst banks for online security.
What makes a secure bank?
Which? teamed up with the security experts at Red Maple Technologies to assess more than a dozen banks and how secure their customer-facing features are.
Banks were scored in four categories for their online banking security and app security:
- Log-in
- Navigation and logout
- Account management
- Encryption
Issues which would result in a score being marked down included failing to block weak passwords, sending passcodes or other sensitive information in text messages (which it argued were the least secure method) and leaving customers logged in even after five minutes of inactivity.
Other reasons for dropping points included allowing access to accounts from multiple web browsers at the same time, and sending notifications to customers that include a phone number or weblink. Which? argued that these can open the door to scammers, since they can be replicated easily by scammers and con people into sharing their details.
The best banks for online safety
According to Which?, the standout bank when it comes to online safety is Starling Bank.
Starling is an online-only bank ‒ you aren’t going to find a Starling branch on your local high street, for example. However, the fact that it is online-focused evidently means that it knows what it’s doing when it comes to protecting customers.
The Which? study gave Starling a score of 82% for online banking security, and 80% for its app. The app is useful for all customers, in that it is used to authorise online logins, while it also provides alerts whenever there is any sensitive activity. The bank scored five stars in virtually every category of the Which? tests.
It was followed by HSBC, which was the top performer in last year’s version of these tests. It scored 80% for online banking, and actually outperformed Starling in the app tests, managing 82% ‒ the highest of any bank assessed.
The worst banks for online safety
At the other end of the scale, Virgin Money was the worst performer on online safety of all of the banks tested by Which? and Red Maple Technologies.
On online banking, it scored a paltry 52%. Issues pinpointed included the navigation and logout, as well as its account management, where it got just two stars out of five. It scored 54%, which was partly down to the poor score of two stars for its encryption.
According to the investigation, Virgin Money was using six web applications which were potentially vulnerable to scammers. Issues include failing to block insecure passwords, and including phone numbers in notifications, while the bank was also criticised for not carrying out security checks when users want to pay someone new, adapt an email address, or edit the details of a payee.
Another bank that came out poorly in the tests was TSB. It managed a score of just 57% for its app, which was the second lowest in the investigation, though it received a more respectable 66% for its online banking.
It was criticised for issues including asking basic security questions to recover login details, as well as its poor password requirements ‒ only six characters were needed, while TSB was found to fail to block insecure passwords.
The bank also lost points for failing to send alerts when sensitive changes were made to accounts, while phone numbers were included in new-payee notifications.
Keeping yourself safe online
Checking studies like this are a good idea when opening a new bank account, so that you can be confident that your money will be protected from scammers.
However, there are measures you can take too which will also keep fraudsters at bay. Examples of steps you can follow to keep safe when banking online include:
- Don’t click on links you receive in unsolicited messages
- Use up-to-date security software
- Improve your phone’s security, such as by turning on the auto-lock after a period of inactivity
- Remove any personal information, such as your date of birth or email address, from your social media profiles
- Change the password on your home router from the default password.
John Fitzsimons has been writing about finance since 2007, and is a former editor of Mortgage Solutions and loveMONEY. Since going freelance in 2016 he has written for publications including The Sunday Times, The Mirror, The Sun, The Daily Mail and Forbes, and is committed to helping readers make more informed decisions about their money.
-
-
Seven ‘awful April’ price hikes – how to beat them and save money
A whole heap of price hikes are coming in this April – we run through the main ones along with ways to beat them and save money
By Sue Hayward • Published
-
State pension underpayment warning - have you been underpaid and eligible for more than £11,500?
Thousands of retirees, mainly women, are still owed money by the government after being underpaid their state pension. We explain what you need to know
By Katie Binns • Last updated
-
State pension age rise to 68 could be delayed - what it means for your retirement
The state pension age may stay at current levels for longer than expected after the government reportedly shelved plans to increase it to 68 by the late 2030s. We explain what it all means for you
By Stephanie Baxter • Published
-
Get more for your money with a stocks and shares ISA
A stocks and shares ISA could grow your money faster than a cash ISA. But what is it exactly and who is it suitable for?
By Ruth Emery • Published
-
Help to Save scheme extended - get 50p for every £1 you save
The government has extended the Help to Save scheme that can help you make the most of savings with an added bonus - we explain how it works and who is eligible.
By Kalpana Fitzpatrick • Published
-
Budget 2023: How much more can you save for retirement with the new pension tax changes?
The government has axed the pensions lifetime allowance, announced in the Spring Budget. We explain what this means and how it could give you a major pensions boost.
By Stephanie Baxter • Published
-
Pension savers set for a triple boost in the Budget
Jeremy Hunt is expected to hike a trio of pension allowances, including the lifetime allowance, in his Spring Budget on 15 March. We explain what it means for you
By Ruth Emery • Published
-
Silicon Valley Bank UK bought by HSBC - what does it mean for bank customers?
Silicon Valley Bank is an American bank that you won’t have seen on the UK high street - but its collapse this weekend caused the government much alarm. We explain everything you need to know
By Sue Hayward • Published
-
Save up to £300 on your supermarket shop with cashback accounts
Three banks offer cashback on your supermarket shop, but can you use them all to max out your savings?
By Vaishali Varu • Published
-
Workplace pensions: earnings limit change makes pension saving easier for more people
New workplace pensions legislation will mean more can bag extra money from their bosses
By John Fitzsimons • Published