Security of Internet and Mobile Banking Applications in Poland based on the Golden Banker 2019 Study
Meet our latest report on the security of banking applications in Poland.
We analysed the security mechanisms of 15 Polish banks with regard to web and mobile banking: default and optional security features, authentication and authorisation.
Download the report to see the results:
- security methods offered by Polish banks to retail clients (e.g. authentication methods, transaction authorisation, limits, notifications and customer education programs),
- analysis of the security measures used in applications,
- applied best practices along with our commentary.
Experts agree that the current Polish banking sector is very innovative and advanced. Perhaps this is because of the relatively late adoption of credit cards in the 1990s and the introduction of the first online banking only 10 years later, which allowed banks to continually deliver new features without having to break customer habits. Naturally, banks in Central Europe compete by introducing modern features, and this trend is also visible in the security features of online banking.
SecuRing was invited by the organisers of the Golden Banker contest, the most recognised banking award in Poland, to support the “Secure Bank – Best Practices” category and help them in assessing security features offered by banks. This report summarises our study of the online (browser-based) and mobile banking applications of 15 banks that participated in the Golden Banker 2019 pool.
The main subject of our assessment was the functional aspects of online banking security. We did not perform offensive security tests (especially penetration testing) that could affect the integrity of the tested data or websites. The scope of the study covered basic website and application functionalities present in all banks.
The results are presented in a synthetic form, maintaining the anonymity of assessed banks. Conclusions have been separated into specifically marked sections. In the final chapter, we present improvement ideas for online and mobile banking.
The report is available individually on request, and only to representatives of the banking industry, fintechs and solution providers. If you are interested, please contact us.