Banks Abandoning SSL On Home Page Log-Ins
Source: InformationWeek - Posted by Pax Dickinson   
Security Some of the biggest banks have abandoned the practice of posting their online account log-in screens on SSL-protected pages in an effort to boost page response time and guide users to more memorable URLs, a U.K. Web performance firm said Tuesday.

The username and password are still encrypted when sent to the bank's server, however; the form's Submit or Login button points to an SSL-enabled "https" URL.

The practice runs counter to the advice banks and others have been hammering into consumers for years: look for the padlock icon representing a secure, SSL page. With the recent flood of phishing and other identity theft attacks, that advice has been reiterated by the likes of the Federal Trade Commission (FTC) in its anti-phishing guidelines to users.

Read this full article at InformationWeek

Only registered users can write comments.
Please login or register.

Powered by AkoComment!