TSB, Lloyds and Co-op Bank customers who bank online or on mobile warned over 'security concerns'

A new investigation has uncovered which banking customers can feel safest with when it comes to fighting against malicious actors.

Consumer champion Which? carried out a security investigation against some of Britain's most popular banks and their online defences. It examined 13 different banking apps and websites throughout January and February of this year alongside a team of independent computer security experts.

Out of those investigated, Which? said TSB and the Co-operative Bank are at the bottom of the table for security on both mobile apps and online security. TSB, which scored the absolute lowest score, was found to have a 'medium risk' issue in the handling of sensitive data which exposed it to potentially being read by other apps on a smartphone.

Read more: Sainsbury's issues update amid Aldi price guarantee as '4,000 products reduced'

In response, TSB said the issue was under review and it will consider a fix in the future. Meanwhile, the Co-operative Bank, which scored the lowest in mobile app security, failed to obligate users to use two-factor authentication (2FA) login when one of Which?'s researchers used a fresh laptop.

However, the bank said it does use 'device profiling and behavioural data' to increase security on a device where required. The bank was also found to block users from setting incredibly weak passwords and sends a variety of error messages depending on whether the correct username was used to log in - which means an attacker could potentially build up a list of valid usernames then combine that with weak and common passwords.

While Lloyds scored well on the investigation, it was the only bank that didn't automatically log out users from its website after five minutes - a regulatory