Which SSL Reviews


Half of UK banks seems vulnerable with insecure SSL

January 18, 2016 | By Editor 

Xiphos Research, an internationally recognized security firm has disclosed that half of the retail banks of the UK have stationed insecure SSL, making it an easy deal for the hackers to go about their bad guy work.

As per the research performed in November 2015, 11 out of the 22 UK retail banks were found using outdated SSL Certificate as source of website security calling to the rescue. The research also stays proven that over half of 37 UK building societies are found to be hosting insecure SSL Certificates as measure of website protection.

It seems that the financial sectors are notably satisfied with such fragile SSL connections with a needless to care about the encryption even after they are affected.

When there was a breakout of Heartbleed attack recently, most of these banks were exploited to end up in security breaches due to their outdated SSL Certificates in place. When broached on this to understand why the banks are short of equipping their security force with SSL armour, it was known that such banking sectors are not taking any initiative to fix the issue.

SSL – Secure Socket Layer

SSL Certificate when installed on a web server, probes the https protocol to permit secure connections between the web browser and the server. The main objective of SSL is to secure the web connections and to protect sensitive information that are transmitted across the internet and ensures that the information can be only viewed by the recipients. The SSL Certificates are provided by the Certificate Authority to individuals or organizations by validating the identity. SSL encrypts a connection between the server and the browser. This gives space for communicating private information without eavesdropping or any other hassles. SSL underpins a server name, domain name and the identity of the organization.

Importance of Secure SSL Certificates

Encrypts Information – An SSL certificate loads randomized characters into the native information, making it unreadable to anyone. This will therefore be useless for the hackers to handle it to exploit and conduct cyber attacks.

Provides Authentication – The information that is transmitted should be reaching the respected server without any interruption. A server certificate is issued along with the SSL Certificate which acts as a liaison between browsers and servers, this proves the authenticity of the website and the server.

Necessary for Accepting Payments – An SSL Certificate that provides a minimum of 128 bit is required by online enterprises to meet the Payment Card Industry Compliance (PCI). Being compliant to PCI standards ensures that the SSL certificate hails from a trusted source.

Guards Against Phishing – Phishing emails redirect victims by replicating any reputable banking sites notably convincing the email recipients. These sites are deprived of SSL certificates and hence leads to security breaches.

Improves Customer Trust – An authenticated and updated SSL Certificate should be in place to protect websites. This is an important element for financial based online sites as it deals a lot of customer transactions. Banking sectors should stay updated on their SSL certificate to protect their customer information and hence they create space to improve customer trust.

Be part of an IT community with thousands of subscribers. Get the latest news, blogs, and thought leadership articles. Subscribe now
Email *

Posted in SSL

Be Sociable, Share!

Leave a Comment


* fields are mandatory