HSBC has reassured business customers that a message on
itsinternet bankingsite is not a
security risk after an SSL certificate on a US server
expired.
UK business bankers visiting the online banking suite were
greeted by a message, which caused concern.
It said:
"www.ukbusiness.com
is a site that uses a security certificate to encrypt data during
transmission, but its certificate expired on 04/03/2008 23:59."
It then asked if customers would like to continue anyway?
But HSBC has reassured customers that there was no security risk
for them. A spokesman said the SSL certificate was used only to
protect the security message that the bank has on its website. "The
certificate is not managing any data encryption or security it just
allows the [standard] security message to be displayed and allows
us to change this message if we need to."
"It should have been replaced but was not and customers were
getting the message," he said.