MyPrivateBanking, an independent platform for information and networking for wealthy private clients across the world, has released a new survey report on the protection of the personal data of private banks and wealth managers on their public websites.
The research surveyed 195 websites in the 17 important banking markets and found that 61% of the banks do not offer secure web messaging. Almost as high, at 59%, is the proportion that do not give privacy warnings to users of their website about sending unprotected e-mails to recipients at the bank.
Overall the research showed that online communication is of increasing importance to private banks and wealth managers and offered by the vast majority of the providers. Of the surveyed banks only 10% offer telephone numbers as the sole means of contact, while 35% offer e-mail contacts, 31.3% have a contact form and 23% offer both means of online contact.
For assessing the level of privacy, MyPrivateBanking research looked at the two major means to transmit messages via the public (not password protected) website of a bank. First, it was checked whether the bank offers encrypted messaging via the secure HTTPS (Hyper Text Transfer Protocol Secure). Without HTTPS, a message that is transmitted via a website can be easily intercepted.
MyPrivateBanking Research recommends that more than ever banks need to focus very carefully on their online privacy reputation as this is an important asset for building trusting client relationships. Consequently private banks and wealth managers should make privacy protection on the web a high priority item for the management and offer HTTPS-protected contact forms and explicit data security warnings on all relevant pages of the website.
Steffen Binder, research director of MyPrivateBanking, said: “Thousands of private banking clients have suffered recently from the disclosure of sensitive personal data. Many clients have become concerned about confidentiality and privacy protection, making it all the more surprising that in reality the majority of private banking and wealth management websites are insecure and potentially subject to eavesdropping attacks that can let intruders gain access to sensitive information.”
Christian Nolterieke, managing director of MyPrivateBanking, said: “Users have to be aware that the internet is an un-policed open space and avoid sending information via regular e-mail or through web contact forms, except those that are HTTPS protected. By explicitly pointing out the security features of their websites banks will make it easier for users to develop trust and lower the hurdle for online contact.”