A survey of South African electronic banking sites, the results of which were released yesterday, show that banking online is safe and technically secure but that banks need to provide more legal disclaimers and statements.
The review, by private online dispute resolution provider Trust Online, found all of the big four banks lacking only in regulating how web-spiders may index their pages and in providing "access to fast and cost-effective online dispute resolution as provided for in the online consumer protection principles of the Organisation for Economic Co-operation and Development (OECD)".
SA is not an OECD member state. The survey did find that both Nedbank and Standard Bank refer disputes to "traditional offline arbitration forums".
The survey raises two important danger flags, seemingly indicating that Absa`s absadirect.co.za site does not use secure socket layer (SSL) encryption to protect login details and that the First National Bank eBucks.com site does not provide a digital certificate to authenticate its servers. Both banks were penalised for these issues in a ranking that puts them at the bottom of the log.
However, Absa does use SSL on its login page and eBucks does provide users with a valid certificate to ensure the identity of its server.
Reinhardt Buys, of Buys Inc Attorneys which is associated with Trust Online, says Absa was penalised because it uses a nested login page which does not allow users to visually confirm security by looking for the padlock icon displayed by most browsers when accessing an SSL site. eBucks, he says, did provide a digital certificate but Trust Online could not verify it despite several attempts.
A check by ITWeb this morning showed the eBucks certificate valid and verifiable.
The survey found full compliance by all four major banks in areas such as protecting user privacy, providing a physical address, details of membership to self-regulating bodies and disclosing banking charges.
The concerns it does raise are more likely to open the individual banks to legal liability rather than to affect users. Examples are a lack of promotion of access to Information Act manuals and protection of site trademarks and logos.
On a 19-point checklist, Standard Bank was rated as 89% complaint with legislation and best practice, Nedbank at 68% and both Absa and First National Bank at 63% compliance.
Absa says its site is fully secure and safe for use, while eBucks plans to launch a substantially revamped version of its Web site, which it says will be fully compliant with all relevant legislation, within a week.
Share
