The advertisement got 15 complaints from users who questioned whether the advertisement falsely represented that websites with green padlocks were guaranteed to be secure.
What the green padlock represents
The green padlock in a website URL is present to inform you about the website's coding and security; webpages with a correctly implemented Secure Sockets Layer (SSL) have a green padlock next to the URL.
You'll also notice that they use the more secure https:// prefix rather than http://.
A green padlock indicates that the website you're reading is secure, but cyber thieves have discovered ways to get bogus security certifications. Even if a website has a padlock, it might still be a hoax.
Looking for the padlock is only one of several tests you should perform (see below for more).
For more information, see Which? Money's analysis of which banks handle fraud accusations the best and worst.
Why the ASA deemed the advertisement deceptive
In response to the complaints, Barclays stated that the advice to check for a padlock was issued by a variety of agencies, including Action Fraud, and was offered in conjunction with the instruction to 'always confirm the seller's legitimacy'.
'We apologize for not being clearer in one of our fraud awareness TV commercials,' said a Barclays representative.
'We always suggest that consumers do several checks before purchasing online and are totally dedicated to providing people with the tools and knowledge they need to keep secure from online criminals.
'We stopped £857 million in fraud last year and engaged 5 million people through our Digital Safety campaign, which included holding 3,080 free awareness events.'
The bank stated that they thought the advertisement made it clear that further actions were required but provided no safety guarantees.
However, the ASA believed that consumers were unlikely to have a thorough knowledge of the website padlock symbol and the broader processes necessary to secure a website's security.
The ASA ruled that the ad was deceptive because it indicated that a padlock guaranteed that a website was safe, whereas a padlock in an address bar did not protect from online shopping scams or payment fraud.
How to Verify the Legitimacy of a Website
If you haven't used the site before, take a few moments to double-check it; try the 'about' area.
If there is poor English, it might indicate that the site is not real.
You could also look at its online evaluations on sites like Trustpilot or Sitejabber for any red flags. It's also a good idea to read the site's return policy.
Don't place all your reliance on a green padlock; instead, consider it one of several indicators to determine the legitimacy of a website.
Is this the end of the green padlock?
Until recently, internet users depended on the appearance of a green padlock and the owner's name to determine the legitimacy of a site. However, recent browser versions eliminate these critical security indicators.
Users of e-banking services will have to be even more cautious in the future to avoid falling into the traps of pishing. Firefox, Chrome, and Safari browsers have abandoned the display of a security indication of a safe website with an EV certificate. Internet users lose the opportunity to easily check the validity of a website and its owner's identity. Microsoft Edge is the only one that retains the traditional display.
Most financial institutions, like many other internet service providers, utilize extended validity certificates, or EVs (for "Extended Validation"), to thwart phishing attempts. A certification authority may only issue such a certificate after thoroughly investigating the site owner's identification. The idea is to keep cybercriminals from acquiring certificates under bogus identities and utilizing them on phishing sites with padlocks. Previously, sites protected by an EV certificate were identified by a green padlock with the owner's name (e.g., the name of the financial institute) in the address bar, allowing users to check the legitimacy at a glance. It should be noted that most websites attacked by phishers today have a gray padlock. Furthermore, due to the lack of an EV certificate, the site owner's name is not shown in the URL bar.
If browser producers opted to remove this visual marketing, it was most likely due to internet consumers' lack of concern about these security signs. The padlock sign will continue to show, albeit in grey rather than green.
The good news is that it simply requires a click on the padlock to confirm that the site owner has an EV certificate and to verify the company name. You may continue to navigate safely in the future, and especially safeguard your e-banking activities, by following the following advice:
Get in the habit of manually inputting the URL of your financial institution and clicking on the padlock symbol when the site loads to verify the certificate holder's (your financial institution's) name.
For Windows users, the Edge browser is an option.
If you're accessing your e-banking account via mobile device, use the online banking app supplied by your financial institution rather than the browser.
So, how are we going to rescue the green padlock? HTTPS Phishing: 49% of phishing websites now have a green padlock.
According to Jeff, a few things must happen in order to save the green padlock and increase trust indicators in general. Eventually, an industry-wide coalition will need to be formed, one in which stakeholders can achieve an acceptable compromise, but before that can happen, it is important to get Google to the table.
Google commands a huge market share. Its Chrome browser, Android OS, search engine, and advertising company are all industry leaders. Unfortunately, nothing occurs on the internet without Google.
But are we presenting this issue correctly?
"I believe there is a tendency—this is entirely Jeff Barto's opinion—in this industry to take browser actions like this personally." We're taking Google's actions personally. Look, Google's top priority is to sell advertisements. Everything they do is geared toward that end, not blowing up our markets. I don't believe their goal is merely to remove the locks or something. They're doing things that will make their ad-selling vehicles as effective as possible," adds Barto. "Clearly, if they're willing to change their mind on positions that they're being very up front about, something speaks to them."
Post a Comment