Online banks warned on security

The Financial Services Authority (FSA) has called on internet banking chiefs - and their customers - to pay greater attention to security.

Security advice

Use less obvious passwords

Change them regularly

Check who you are dealing with

Beware of bogus sites

The UK watchdog warned senior managers of firms selling financial products online that security was their responsibility.

It said they should not neglect security in the rush to get new products to market.

As well as concentrating on preventing fraud, the FSA said it was also important that firms made sure their systems had the capacity to cope with demand, as consumer confidence would be hit by sites that regularly crashed.

'Slap-dash' customers

But the FSA also urged customers to be less "slap-dash" and more security conscious when banking online.

Speaking at a conference on e-security Lydia Bailey, the FSA's e-commerce team manager, said its research had found that 40% of people banking online used the word "password" as password, or a phrase easily guessed such as their name.

And, she said, 50% of people left their password typed in their computer.

She urged consumers to take simple steps to help protect themselves, such as using less obvious passwords and changing them regularly.

She said it was important people made sure they knew who they were dealing with, and that they were logged on to an official site and not a bogus one using the same name.

Sensitive data

Consumers should also make sure information sent by the internet was encrypted by the bank so that it could not be accessed by a third party.

People could check whether online data exchanges were encrypted by checking procedures directly with their online bank, or looking for a closed padlock or similar security symbol on their browser when sensitive data were being sent.

The FSA is concerned that consumers are not always given all the information they need, and is now including internet security information on its website.

But Ms Bailey added it was important that the potential risks will not put off people from using the internet for financial transactions.

The watchdog said in the future it may consider introducing a "dot.fin" domain name so consumers can tell straight away whether they are dealing with a firm regulated by the FSA.