17 July 2018
Adam Nybäck

Cards and mobile

Adam Nybäck - Anyro

4Posts 29,490Views 36Comments
Information Security

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...
A post relating to this item from Finextra:

Santander denies online banking hack

19 April 2011  |  14464 views  |  0
Santander has denied that cybercrooks have hijacked the online banking login page of its Alliance & Leicester unit.

Use of 3rd parties in online banking

21 April 2011  |  12567 views  |  0

It's certainly calming to know that Santander/A&L put the advanced-web-analytics.com script there intentionally. However, some people (including the customer who first noticed this issue) continue the discussion and question the 3rd party as well as Santander's use of it.

Some examples:

"Even if advanced-web-analytics is legit. I can't see the how polycache is legit. On some of the nodes it presents a cert for gate-logic.com, is hosted in a Linode VPS, is registered anonymously etc"

"Even if advanced-web-analytics . com is a legitimate site it is outside of bank infrastructure and can be compromised. I checked my Natwest login page and it also loads some scripts from advanced-web-analytics. As far as I can see this script does nothing harmful at the moment, but the point is it might in the future."

"Anonymous domain regs, VPS hosted accounts - all this adds up to the fact that even if Santander have not been compromised, they're so incompetent with their web security that no-one should trust them."

"Santander has relinquished control of parts of its "secure" site voluntarily to some shady looking characters. Regardless of whether or not there was a breach, it is not safe to do business with a company set up like this."

So what do you think? Is Santander and Natwest doing something they shouldn't?

And who is this anonymous 3rd party anyway?


Comments: (0)

Comment on this story (membership required)

Latest posts from Adam

Android NFC still not for payments

13 May 2011  |  4505 views  |  1 comments | recomends Recommends 0 TagsMobile & onlinePayments

Use of 3rd parties in online banking

21 April 2011  |  12567 views  |  0 comments | recomends Recommends 1 TagsSecurityGroupInformation Security

Santander UK online bank attacked

19 April 2011  |  7688 views  |  0 comments | recomends Recommends 0 TagsSecurityGroupInformation Security

What's wrong with the UK?

22 November 2008  |  4731 views  |  3 comments | recomends Recommends 0 TagsPayments

Adam's profile

job title System Developer
location Stockholm
member since 2008
Summary profile See full profile »
Self employed system development consultant in the payment card industry in Scandinavia.

Adam's expertise

Member since 2008
4 posts36 comments
What Adam reads
Adam's blog archive
2011 (3)2008 (1)

Who's commenting on Adam's posts