Ask people to name the most secure types of businesses they can think of, and you'll probably notice banks are often mentioned. After all, they feature numerous precautions put in place to protect workers, customers and the all-important money.

With that in mind, you may surprise yourself to learn a statistic unveiled within the 2017 Online Trust Audit and Honor Roll published by the Online Trust Alliance: 65 percent of banks got failing grades in one or more areas related to digital security.  Keep reading to learn more about what that discouraging statistic means for the banking sector.

This is the ninth year the Online Trust Alliance (OTA) has completed this research. The OTA strives to make improvements in online trustworthiness, facilitate a greater amount of empowered users and promote best practices related to privacy, security and data storage.

How Are Participating Organizations Ranked?

For its report, the OTA looks at numerous categories of websites. Besides banks, there are assessments of internet service providers, online retailers, news sites and more. Any particular organization can earn up to 100 baseline points depending on its performance in the areas of website security, consumer protection and privacy. If the OTA determines a company is following up-and-coming best practices, it can earn bonus points. On the contrary, it may rack up penalty points if there is evidence of security breaches, legal issues or other things compromising overall integrity.

The scoring criteria got stricter this year compared to previous versions of the report. In the past, organizations only had to receive a minimum score of 55 points in the three core areas mentioned above, but in 2017, the OTA decided not to consider companies that did not manage to earn at least 60 points.

Bonus points can make up as much as 20 percent of an organization's baseline, and there are also opportunities to qualify for the honor roll if a company gets an overall score of at least 80 percent and does not have any failures in the baseline categories.

Specific Causes of Failures

Reviewing the overall data related to failures indicates the most shortcomings were found in the area of consumer protection. For example, something as seemingly simple as having multiple data repositories could lead to a failure if numerous naming conventions were used for IT-related assets, leading to a less transparent organization, making it harder to track data. This is true for all kinds of organizations, not just banks.

However, banks as a whole struggled regarding privacy policies. Many reportedly used a standardized privacy disclosure form that did not address all the areas examined in the OTA's audit.

The report also found the top banks in the United States had the highest overall rate of data loss and breaches. That was one of the main reasons why many banking institutions scored so poorly, and there were no banks represented within the report's top 50 overall organizations.

Some Industry Bodies Challenge These, And Other, Statistics

You may feel these statistics are cause for alarm. However, some individuals within the banking industry, such as Doug Johnson from the American Banker's Association, are dubious about the results.

When speaking to NBC News, Johnson said he thought the OTA's statistics about data breaches at banks were too high and the actual figures were lower. However, he admitted reports like the one issued by the OTA are helpful for pinpointing where banks need to make improvements.

The assertion made by Johnson may shed light on a primary reason why over two dozen U.S.-based companies, including some of the major names in banking like Goldman Sachs and Morgan Stanley, recently collaborated to come up with a set of shared principles. The ideals could lead to a greater understanding about rankings achieved within certain reports about data security.

The effort could also make it easier for poorly scoring companies to challenge their ratings if necessary. Complaints have arisen that some of the entities that conduct these investigations and publish relevant reports are not transparent enough about their scoring methods.

In conclusion, it's important to realize that the news was not all bad for the banking sector regarding the above report. Specifically, 27 percent of banks received honor roll-worthy rankings.

If you are looking for a new place to bank and are concerned about security and privacy, it may be worthwhile to seek out one of those that ranked the best. Alternatively, at least determine what your current bank is doing to keep you and its data protected.

##

About the Author