Meet our latest report about security of banking applications in Poland.
We analysed security mechanisms of 15 Polish banks in regards to web and mobile banking – default and optional security features, authentication and authorisation.
Download the report to see the results:
- security methods offered by Polish banks to retail clients (e.g. authentication methods, transaction authorization, limits, notifications and also customer education programs),
- analysis of the security measures used in applications,
- applied best practices along with our commentary.
Experts agree that the current Polish banking sector is very innovative and advanced. Perhaps this is because of a relatively late adoption of credit cards in 1990s and introduction of the first online banking only 10 years later, that allowed to continually deliver new features without the need of breaking customer habits. Naturally, banks in Central Europe are competing by introducing modern features and this trend is also visible when it comes to security features of online banking.
SecuRing was invited by the organisers of the Golden Banker contest, the most recognised banking award in Poland, to support the “Secure Bank – Best Practices” category and help them in assessing security features offered by banks. This report summarises our study of the online (browser-based) and mobile banking applications of 15 banks that participated in the Golden Banker 2019 pool.
The main subject of our assessment was the functional aspects of online banking security. We did not perform offensive security tests (especially penetration testing) that could affect the integrity of the tested data or websites. The scope of the study covered basic website and application functionalities present in all banks.
The results are presented in a synthetic form, maintaining the anonymity of assessed banks. Conclusions have been separated into specifically marked sections. In the final chapter, we present improvement ideas for online and mobile banking.
The report is available only for the banking industry, fintechs and solution providers.
Head of Cloud Security