Is online banking safe?

HomeBankingOnline BankingOnline Safety › Is online banking safe?

Banking has shifted online in recent years, with 5,355 bank branches and building societies closed, or planned to close, since the start of 2015, and a total of 410 bank branches due to close by the end of 2024*.

Around 86% of Brits were using online banking in 2024**, giving people access to their accounts 24/7 and allowing them to transfer money between accounts at the click of a button.

While it makes banking more convenient for millions, it’s understandable that some people have reservations about the safety and security of online banking.

What is online banking?

Also known as internet banking and mobile banking, online banking allows customers to access and manage their accounts over the internet. Through a secure website or mobile app, customers can perform a wide range of banking activities without visiting a physical branch. These activities include checking account balances, transferring money between accounts, paying bills, setting up direct debits, and more.

Online banking is usually free of charge (although you may have an account fee to pay) and typically allows you to do the following:

  • Check your balance
  • Pay bills and make transfers to other accounts
  • Check your mortgage, loans or savings
  • View, download and print your bank statements
  • Check on any investments
  • Set up or cancel any direct debits and standing orders

Online banking - the statistics you should know

According to finder.com:

  • An estimated 86% of Brits were using online banking in 2024
  • In 2024, 36% of Brits have a digital-only bank account, compared to only 9% in 2019
  • Around 5.3 million Brits (10%) intend to get a digital-only bank account in 2024
  • Nearly half (47.5%) of those who opened or intend to open a digital-only bank account cited convenience as a driving factor
  • 12% of people have chosen to open or intend to open a digital-only bank account due to a lack of branches in their area
  • 32% of the 'silent generation' cited this as the reason behind their decision to open a digital-only bank account
  • 20% of traditional bank account holders do not trust digital-only banks, citing fear of scams

How safe is online banking?

So, is online banking safe? Yes, online banking with a trusted UK provider is usually extremely safe, providing you follow these guidelines:

  1. Use a strong, unique password
  2. Don’t use the same password for multiple accounts
  3. Avoid using family or pet names and common number combinations such as 123456 or 00000 (read more about creating a strong password).

You can improve your online banking safety by using your bank’s app rather than logging in from your web browser because all apps are vetted by Apple or Google, depending on whether you use an iPhone or Android. If you’re not confident about staying safe online, apps are safer than websites simply because websites can run software from any source, making it easier for hackers to access private information.

If you use a smartphone, you’ll also have access to the extra security features they offer, such as locating, locking or wiping the phone entirely, and even taking pictures. Lost your phone? You can find it by using the ‘find my device’ or ‘find my iPhone’ features from Google and Apple.

Many high street and online banks that offer mobile banking have now started to offer improved app security features, including the following:

  • Instant card freezing: If you suspect your details have been compromised or if you’ve lost your card, many of the high street and larger banks and online providers have an in-app instant card freeze feature, meaning you can block your card instantly without contacting your bank.
  • Freeze specific purchases: A select number of larger banks, such as Barclays and Lloyds, will also let you block single purchases, including payments made outside of the UK, ATM or cash machine withdrawals, remote purchases and even payments made to gambling websites and betting shops.

Real-time spending notifications: Currently, Starling and Monzo are the only banks to send app users notifications every time you make a transaction, making it easier and quicker to spot fraudulent transactions and suspicious activity.

How can you tell if internet banking is safe?

Reputable online banking services have heightened security features, such as Strong Customer Authentication (SCA). Also called ‘two-factor authentication’, SCA is a legal requirement under the Strong Customer Authentication Regulations, which requires multiple ID checks and one-time codes sent as a text to your mobile phone. With two-factor authentication, even if someone has your password, they would also need your mobile phone to access your account.

There’s also a feature called Confirmation of Payee, where the bank will check their own records against the customer account you’re transferring money to, meaning your bank can ensure that whoever you are transferring money to actually exists. When you’re transferring money or setting up a new payee in your account, you might need extra details of that person, such as the name of their bank and the exact name they hold their account in.

Other online banking services provide tools for facilitating stronger security through fraud advice and the numbers for chat lines across their websites and apps.

Which banks are the safest for online banking?

All banks have integrated, invisible systems in place to protect you when it comes to banking online. Some of the more obvious ones include:

Secure login – Many banks with optimum security require either a small card reader or the mobile banking app to be used every time you want to securely log in, strengthening their security alongside other measures, such as One Time Passwords (OTP.)

Encryption – Encryption secures communication between you and your bank, so only the two of you can see the information you input. All your credentials are encrypted and therefore can’t be deciphered by any potential hackers.

Account management – Banks with the highest levels of security will require additional checks when you make changes to your account, such as adding a new payee, to verify that you are the one making the changes. Banks with the highest levels of security will also send you a text or notification when any changes are made, just in case it wasn’t you.

Navigation and logging out – Banks with strong safety procedures will automatically log you out after five minutes of inactivity. Online banking that allows you to log in from different places and networks could be a potential hacker attack.

Based on these measures, we’ve rated our partner banks on their performance:

Screenshot_2024-02-08_at_15.21.37.png

How to stay safe while banking online

These tips will help you stay safe when you bank online. 

Take your time

Treat any unsolicited and unexpected phone calls or emails with caution. Never share your credit or debit card PIN and hang up if someone tries to pressure you into taking immediate action. 

Only use trusted phone numbers

If someone has contacted you claiming to be your bank and you're suspicious, hang up and wait a few moments before calling your bank directly. Your bank's phone number can be found online or on any banking documents, including the back of your debit or credit card 

Install antivirus software

Install trusted, reputable antivirus software to ensure your device is protected. 

Create strong passwords

Avoid using the same passwords for multiple accounts and try not to go for predictable combinations or pet names. Best practice is to use three random words and a memorable number, but not your birth date. 

Use a secure network

Don’t access your online bank account on a shared network, such as in a restaurant or other public place. If you must use online banking when out and about, turn off your WiFi and use your data instead, or consider purchasing a VPN that includes security for WiFi hotspots. 

Be wary of links and adverts

Avoid clicking links or adverts online, especially ones in emails you don’t recognise, as they can be traps laid by hackers. 

Avoid sharing personal information

Try not to post personal information on social media, such as your birthday or pet's’ names. Hackers can use this information to guess your passwords. 

Be vigilant with your bank statements

Regularly check your bank statements for any suspicious activity and report it to your bank as soon as you spot it.

What further measures can I take to protect myself when using online banking?

While more regulations are being introduced to protect your finances and encourage banks to be more stringent, there are certain steps you can take for stronger security.

Never use the same passwords

While you might find it easier to remember your password if it’s the same for everything, but this gives fraudsters and hackers a gateway to all of your information once they’ve accessed just one of your accounts.

To prevent people from writing their passwords down, experts suggest using a short, memorable sentence that combines letters and numbers, such as ‘Iwas6whenigotmyfirstrabbit’.

Install antivirus software

Investing in antivirus software gives you an extra layer of protection against hackers and cyber criminals. Prices are typically on a sliding scale, and some of the more comprehensive providers will also scan things like your emails to ensure that any potentially malicious content is flagged.

Be careful with what information you share on social media

While social media is now prevalent in everyday life, some people don’t realise that what they share could make them vulnerable to online attacks. Information like birthdays, pet names, favourite locations and relative’s names are often used for passwords, and are often shared on social media, giving hackers the information they may need to access your account.

Be careful when using public WiFi 

Using public Wi-Fi such as the Wi-Fi in a bar, restaurant, cafe or anywhere that isn’t your private home is risky and should be avoided. If you absolutely have to log in to a service with personal information in a public place, it’s better to use your data or a Virtual Private Network (VPN).

Look out for obvious fraudster habits 

Online banking scams will usually have a few things in common you can look out for:

  • The correspondence looks or feels unprofessional
  • They will address you as ‘dear customer’ or similar, rather than by your name
  • They might create a sense of urgency, telling you your services are going to be cut off, or that you’re going to face a fine if you don’t take an action
  • Any contact numbers that look unofficial or involve mobile numbers
  • Their email address doesn’t look the same as your bank’s website. For example, you may get an email from HSBCbank.co.uk, but their website is actually just hsbc.co.uk

If any of these things appear in digital correspondence you have received, either delete it or get in touch with your bank directly to query it (don’t use the links or numbers in the email or text you received).

We’ve previously explored how to spot fixed rate bonds and saving accounts scams, but you can also familiarise yourself with other methods for spotting fake websites.

Banking phone scams

As essential services become ever digitally evolved, so do the techniques that scammers use to access your money. Thousands of people fall victim to phone scams every year, with scammers pretending to be banking assistants to obtain card details or other sensitive information.

You may receive a phone call out of the blue from someone telling you that there is a problem with your account or credit/debit card. They may put you under pressure by suggesting that your money is at risk and that you need to act immediately. They may ask for your card details, offer to send a courier to collect your card, or even suggest that you transfer your money into a ‘safe’ account. Your bank would never do this, so the best thing to do is simply hang up and block the number.

Should you still be concerned about your account, get in touch with your bank directly.

How to spot a phone scam

There are some telltale signs to look out for when it comes to suspicious phone calls, including the following:

  • A cold call

Scammers may contact you out of the blue. If you find yourself having a conversation that makes you feel uneasy, hang up and wait a few minutes before calling your bank directly. 

  • A sense of urgency

Fraudsters often try to create panic to trigger action from you. Professionals would never do this, so if someone calls and threatens to cut off a service like your broadband or tells you that your money is at risk, it’s likely to be a scam. 

  • A request

Your bank or any trusted institution would never ask you for your full online banking password or six-digit memorable code. In fact, most banks explicitly say that they will never ask you for your password. Scammers may also ask you for your card details or ask you to open certain websites on your computer so they can walk you through a process that may result in you downloading malware. 

  • You’re asked to keep quiet 

Phone scammers become uneasy if you say you need to talk to a friend or family member before making any decisions, and they will often attempt to prevent you from doing so. If you’re in doubt about any phone call, seek trusted, independent advice.

What to do if you’re a victim of banking fraud

If you spot suspicious activity on your account or if a scammer tricks you into giving away confidential credentials, you may have fallen victim to fraud.

The best things to do if you’re a victim of online fraud is:

  1. Contact your bank as soon as possible
  2. Contact Action Fraud on 0300 123 2040

As set out by the Financial Conduct Authority (FCA), you can claim a refund if you didn’t authorise a payment. In most cases, your bank must refund the payment without unnecessary delay by the end of the next business day, unless they have reasonable grounds to suspect that you acted fraudulently.

As part of this process, your bank may ask you to complete a form stating what happened and answer some questions, but don’t worry, banks can’t delay your refund based on how long it takes you to fill out the form.

When your bank refunds an unauthorised payment, it must also refund any charges and interest you’ve paid because of the transaction.

Is internet banking with Raisin UK safe?

At Raisin UK, we follow stringent protocols that ensure your money and personal details remain secure. The Raisin UK website is protected by industry-standard SSL Secure Sites Certificates, so any data you share with us is protected across our entire site.

When using any online service, look for the padlock in the address bar at the top of your screen, as this means you have a secure connection and that any information you supply is encrypted and can’t be read by anyone else.

We always adhere to the latest security standards, meaning we have:

  • Strong firewall that prevents unauthorised external access to our information
  • Multi-level encryption and identification systems
  • Password protection with automatic log-out after 5 minutes of inactivity
  • Transactions are restricted to one nominated account that you provide
  • A secure personal mailbox with message encrypting

When you set up an account with us, we may ask you for supporting documentation to verify your identity as you would in-branch, such as a scan of your passport or other requested documentation. When you withdraw cash from your Raisin UK Account or apply for a savings account, we will always ask you to enter a single-use six-digit verification code that we send to your mobile phone.

If you forget your Raisin UK password, you can enter your account email address here, and we will send you a reset link.

Interested in opening a savings account with competitive interest rates at Raisin UK? Find out how it works right here.

*https://www.which.co.uk/money/banking/switching-your-bank/bank-branch-closures-is-your-local-bank-closing-ayYyu4i9RdHy

**https://www.finder.com/uk/banking/digital-banking-statistics