The best and worst banks for online safety
Picking a bank that offers protection from scammers is just as important as an account that delivers interest, cashback or overdrafts


Get the best money-saving tips, tricks and deals sent straight to your inbox every week. Make sense of your money in partnership with The Money Edit.
Thank you for signing up to The Money Edit. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.
Online security should be a crucial consideration for all of us when picking a bank account.
Most of us tend to focus on the individual features offered by the bank account when choosing where to keep our money. It might be that it pays a leading rate of interest on in-credit balances, or cashback on your household bills.
Alternatively, we might prioritise banks that offer a fee-free overdraft, or even a welcome bonus that can be worth hundreds of pounds.
However, just as important when selecting a bank is how well it can protect you from scammers and fraudsters. And a new study from Which? highlights some of the best and worst banks for online security.
What makes a secure bank?
Which? teamed up with the security experts at Red Maple Technologies to assess more than a dozen banks and how secure their customer-facing features are.
Banks were scored in four categories for their online banking security and app security:
- Log-in
- Navigation and logout
- Account management
- Encryption
Issues which would result in a score being marked down included failing to block weak passwords, sending passcodes or other sensitive information in text messages (which it argued were the least secure method) and leaving customers logged in even after five minutes of inactivity.
Other reasons for dropping points included allowing access to accounts from multiple web browsers at the same time, and sending notifications to customers that include a phone number or weblink. Which? argued that these can open the door to scammers, since they can be replicated easily by scammers and con people into sharing their details.
The best banks for online safety
According to Which?, the standout bank when it comes to online safety is Starling Bank.
Starling is an online-only bank ‒ you aren’t going to find a Starling branch on your local high street, for example. However, the fact that it is online-focused evidently means that it knows what it’s doing when it comes to protecting customers.
The Which? study gave Starling a score of 82% for online banking security, and 80% for its app. The app is useful for all customers, in that it is used to authorise online logins, while it also provides alerts whenever there is any sensitive activity. The bank scored five stars in virtually every category of the Which? tests.
It was followed by HSBC, which was the top performer in last year’s version of these tests. It scored 80% for online banking, and actually outperformed Starling in the app tests, managing 82% ‒ the highest of any bank assessed.
The worst banks for online safety
At the other end of the scale, Virgin Money was the worst performer on online safety of all of the banks tested by Which? and Red Maple Technologies.
On online banking, it scored a paltry 52%. Issues pinpointed included the navigation and logout, as well as its account management, where it got just two stars out of five. It scored 54%, which was partly down to the poor score of two stars for its encryption.
According to the investigation, Virgin Money was using six web applications which were potentially vulnerable to scammers. Issues include failing to block insecure passwords, and including phone numbers in notifications, while the bank was also criticised for not carrying out security checks when users want to pay someone new, adapt an email address, or edit the details of a payee.
Another bank that came out poorly in the tests was TSB. It managed a score of just 57% for its app, which was the second lowest in the investigation, though it received a more respectable 66% for its online banking.
It was criticised for issues including asking basic security questions to recover login details, as well as its poor password requirements ‒ only six characters were needed, while TSB was found to fail to block insecure passwords.
The bank also lost points for failing to send alerts when sensitive changes were made to accounts, while phone numbers were included in new-payee notifications.
Keeping yourself safe online
Checking studies like this are a good idea when opening a new bank account, so that you can be confident that your money will be protected from scammers.
However, there are measures you can take too which will also keep fraudsters at bay. Examples of steps you can follow to keep safe when banking online include:
- Don’t click on links you receive in unsolicited messages
- Use up-to-date security software
- Improve your phone’s security, such as by turning on the auto-lock after a period of inactivity
- Remove any personal information, such as your date of birth or email address, from your social media profiles
- Change the password on your home router from the default password.
Look After My Bills Newsletter
Get the best money-saving tips, tricks and deals sent straight to your inbox every week. Make sense of your money in partnership with The Money Edit.

John Fitzsimons has been writing about finance since 2007, and is a former editor of Mortgage Solutions and loveMONEY. Since going freelance in 2016 he has written for publications including The Sunday Times, The Mirror, The Sun, The Daily Mail and Forbes, and is committed to helping readers make more informed decisions about their money.
-
-
Octopus Energy relaunches energy tracker deal – we explain what you need to know and if it could save you money
If you’re an Octopus Energy customer, you may be able to save on your energy bills with the relaunch of its tracker deal. We look at how it works
By Sue Hayward Published
-
Three energy firms pay £8m in switching compensation - has your provider paid out?
More than 100,000 customers have received compensation after changing providers, but is now a good time to switch energy suppliers?
By Tom Higgins Published
-
Save £300 on your supermarket shop with cashback accounts
Banks, credit card companies and cashback sites are all offering cashback on your supermarket shop, but can you use them all to max out your savings?
By Vaishali Varu Published
-
More than 150,000 grandparents missing out on £1,500 state pension uplift: how to claim
Grandparents who provide childcare by looking after their grandchildren could be missing out on valuable state pension money worth thousands. We look at how much extra you could get and if you’re eligible
By Stephanie Baxter Published
-
Can you reclaim bank charges?
If you’ve incurred bank charges over the years, these can add up to hundreds of pounds – but can you get your money back? We look at whether you can make a claim and how to do it
By Stephanie Baxter Published
-
HSBC extends deadline for customers to secure bigger interest-free overdraft
HSBC customers now have until 10 May to increase their interest-free overdraft limit from £25 to £500. First Direct, Lloyds and Nationwide also offer similar support. We explain everything you need to know
By Katie Binns Last updated
-
New banking hub locations revealed - is there one near you?
The rise of banking hubs is in response to a stream of local branch closes. With more planned to launch soon, we look at what services they offer and where you can find one
By Stephanie Baxter Published
-
April 2023 premium bond winners revealed - are you a millionaire?
Two premium bond holders have won £1 million each this month and there are many other prizes for another 5,018,742 winners in April. We look at how to find out if you’ve won
By Stephanie Baxter Published
-
Get more for your money with a stocks and shares ISA
A stocks and shares ISA could grow your money faster than a cash ISA. But what is it exactly and who is it suitable for?
By Ruth Emery Published
-
Help to Save scheme extended – act now for £1,200 bonus
The government has extended the Help to Save scheme - we explain how it works and who is eligible
By Kalpana Fitzpatrick Last updated