Home >  Insights > Websites Back To Articles Listing
Mar. 04, 2010
| | Pdf |Print

MyPrivateBanking Research

Font Plus Minus

Privacy Vulnerable on Private Banking Websites

The majority of Private Banks and Wealth Managers worldwide show little regard for the protection of personal data on their public websites. MyPrivateBanking Research surveyed 195 websites in the 17 most important banking markets and found that 61 percent of the banks do not offer secure Web messaging. Almost as high, at 59 percent, is the proportion that do not give privacy warnings to users of their website about sending unprotected e-mails to recipients at the bank.

Overall, the research showed that online communication is of increasing importance to Private Banks and Wealth Managers and offered by the vast majority of the providers. Of the surveyed banks only 10 percent offer telephone numbers as the sole means of contact, while 35 percent offer e-mail contacts, 31.3 percent have a contact form and 23 percent offer both means of online contact.

For assessing the level of privacy, MyPrivateBanking Research looked at the two major means to transmit messages via the public (not password protected) website of a bank. First, it was checked whether the bank offers encrypted messaging via the secure HTTPS (Hyper Text Transfer Protocol Secure). Without HTTPS, a message that is transmitted via a website can be easily intercepted. Second, whether in the case of contact e-mail addresses, published on the website, the bank explicitly warns their website users about the risks of e-mail transmission. This could be done in an explicit privacy policy on the website or directly on the contact page of the bank.

          Total
   Share(%)
 No Secure Contact Form   65 out of 106     61,3%
 No Privacy Warning on E-Mail Security   67 out 0f 104     58,8%
 

In total 54.4% of banks offered a web-based contact form for users of their public website.  However, looking on the private banking websites of these banks, we found that more than 60% did not use the secure HTTPS protocol. Even more private banking websites (58.5%) offered one or multiple e-mail addresses to send messages to recipients at the bank. Of these, only a minority of 41.2% made a statement to users about the risk involved in sending simple e-mails. The majority of banks (58.8%) did not give any warning to website users – not even in the privacy policy on their website.

MyPrivateBankingResearch recommends that more than ever banks need to focus very carefully on their online privacy reputation as this is an important asset for building trusting client relationships. Consequently private banks and wealth managers should  make privacy protection on the web a high priority item for the management and offer HTTPS-protected contact forms and explicit data security warnings on all relevant pages of the website. But not only banks and wealth managers have to be more sensitive to the risks of online communication. Users have to be aware that the Internet is an un-policed open space and avoid sending  information via regular e-mail or through web contact forms, except those that are HTTPS protected. By explicitly pointing out the security features of their private banking websites banks will make it easier for users to develop trust and lower the hurdle for online contact.

Related Articles and Research

My Private Banking



MyPrivateBanking Research

Privacy Vulnerable on Private Banking Websites

  Mar. 04, 2010

The majority of Private Banks and Wealth Managers worldwide show little regard for the protection of personal data on their public websites. MyPrivateBanking Research surveyed 195 websites in the 17 most important banking markets and found that 61 percent of the banks do not offer secure Web messaging. Almost as high, at 59 percent, is the proportion that do not give privacy warnings to users of their website about sending unprotected e-mails to recipients at the bank.

Overall, the research showed that online communication is of increasing importance to Private Banks and Wealth Managers and offered by the vast majority of the providers. Of the surveyed banks only 10 percent offer telephone numbers as the sole means of contact, while 35 percent offer e-mail contacts, 31.3 percent have a contact form and 23 percent offer both means of online contact.

For assessing the level of privacy, MyPrivateBanking Research looked at the two major means to transmit messages via the public (not password protected) website of a bank. First, it was checked whether the bank offers encrypted messaging via the secure HTTPS (Hyper Text Transfer Protocol Secure). Without HTTPS, a message that is transmitted via a website can be easily intercepted. Second, whether in the case of contact e-mail addresses, published on the website, the bank explicitly warns their website users about the risks of e-mail transmission. This could be done in an explicit privacy policy on the website or directly on the contact page of the bank.

          Total
   Share(%)
 No Secure Contact Form   65 out of 106     61,3%
 No Privacy Warning on E-Mail Security   67 out 0f 104     58,8%
 

In total 54.4% of banks offered a web-based contact form for users of their public website.  However, looking on the private banking websites of these banks, we found that more than 60% did not use the secure HTTPS protocol. Even more private banking websites (58.5%) offered one or multiple e-mail addresses to send messages to recipients at the bank. Of these, only a minority of 41.2% made a statement to users about the risk involved in sending simple e-mails. The majority of banks (58.8%) did not give any warning to website users – not even in the privacy policy on their website.

MyPrivateBankingResearch recommends that more than ever banks need to focus very carefully on their online privacy reputation as this is an important asset for building trusting client relationships. Consequently private banks and wealth managers should  make privacy protection on the web a high priority item for the management and offer HTTPS-protected contact forms and explicit data security warnings on all relevant pages of the website. But not only banks and wealth managers have to be more sensitive to the risks of online communication. Users have to be aware that the Internet is an un-policed open space and avoid sending  information via regular e-mail or through web contact forms, except those that are HTTPS protected. By explicitly pointing out the security features of their private banking websites banks will make it easier for users to develop trust and lower the hurdle for online contact.