The SSL encryption protocols used by Belgian financial institutions to protect their communications with clients are often very vulnerable. This is according to a Belgian blogger, Yeri Tiete, who specialises in this area. “The danger that hackers can see the data or even steal it is very real”, says Data News, an internet site dedicated to IT and communication technology. Internet sites that have SSL protection are recognisable by the little padlock symbol and https:// in the navigation bar.
“Our banks use SSL badly, and wait too long for important updates or to correct technical problems. They therefore create a false sense of security”, explains the blogger. “If https:// links are vulnerable, hackers can look at communications between banks and clients without any problems, and use and adapt the data to do whatever they want with it”.
According to Yeri Tiete, bpost and BNP Paribas Fortis sorted out their SSL configurations 2 weeks ago. Argenta is now doing the same. The situation is not as good at ING, Record bank, Hello bank! or Orgone, the specialist in online payment solutions.
The blogger says that banks often hesitate to update their SSL encryption protocols as they want to ensure their computers still work with the old XP operating system, or that Internet Explorer 6 can still use their applications.
Jonadav Apelblat Business and Technology Editor The Brussels Times