Barclays Bank and Barclaycard are moving away from using .com and .co.uk domain names in a move that will add extra security for customers.
The bank and credit card company are switching from barclays.com and barclaycard.com to .barclays and .barclaycard. Barclays said this will add security as only Barclays and Barclaycard will be able to set up websites using these addresses.
This change has already begun for the non-transactional sites and will be introduced across all sites over time. During the migration period automatic domain redirects will ensure customers still reach the appropriate page.
Barclays Group CISO Troels Oerting said the changed domain names simplify the user experience and make it clear to customers they are engaging with a genuine Barclays site.
“This clarity, along with the advantages of controlling our own online environment, enables us to provide an even more secure service, which we know is of utmost importance to our customers, and ultimately serves to increase trust and confidence in Barclays’ online entities,” he said.
With online banking becoming the channel of choice for more consumers, cyber fraud is on the rise and banks are under pressure to increase security.
One IT security professional in the banking sector said initiatives like this will help, but he warned that educating customers to check the actual domain name they are visiting is essential.
Read more about banking security
- More people are choosing not to use banking apps because of a lack of functionality than those deciding not to because of security fears
- Research of 350,000 banking-related Android apps has revealed about 11% contain malware or suspicious binaries
- Royal Holloway Security Series argues that an information sharing service between national banking systems and law enforcement agencies could counteract online fraud
“Many scammers send links that appear to be from banks but take people elsewhere, so consumers have to check first. Whatever the good guys do the bad guys seem to be able to get around," he said.
"Anyone can set up a domain called www.barclays-banking.co.uk and confuse people, but only Barclays can set up domains ending with .barclays. So when people get used to seeing .barclays at the end, it should be a barclays website.
"However, the scammers will probably find a way to confuse people by spelling it a bit wrong or just writing convincing scam phishing emails that claim to be from .barclays. Customers will still need to keep their eyes open and check the domain name and its security credentials using their browser," he added.
There was a 48% rise in the amount of money stolen from online bankers in the UK in 2014, as criminals pilfered more than £60m through a total of 53,192 incidents, according to figures from Financial Fraud Action UK (FFA).
The FFA described the number of incidents of online theft as modest given that 53% of the UK’s adults – 26.9 million – bank online. The proportion of people that bank online will inevitably increase further as banks close branches in rural communities to cut costs, and younger people who have grown up with on-demand services enter adulthood.