Nationwide Building Society has been rated as the top financial institution for online banking by Which? for security and usability. 

The report, which was widely reported on last week, ranked Nationwide top for security and usability, followed by NatWest/RBS and Barclays. At the bottom of the top ten were Santander, Halifax and Norwich & Peterborough Building Society.

The study was undertaken by 12 volunteers who were recruited by Which? and each accessed a banking site and then assessed the banks' customer-facing security measures.

Greg Day, EMEA security CTO and director of strategy at Symantec, said: “This comes down to who offers two-factor authentication. If they do not then they are not on the list and those who do offer it, are on the list.”

Chris Russell, vice president of technology at Swivel Secure, said: “The Which? online banking security report has highlighted the fundamental vulnerability present in virtually all account holder login procedures. Regardless of how many steps or variations it takes to complete the login, if the device has an active keylogger it is only a matter of time before the hacker has all the information they need to steal the account holder's identity.

“The US banking regulatory body (FFIEC) has recognised this fact and recently released its updated authentication guidance that specifies that all retail banks should implement some form of two-factor authentication for their online customers by January 2012. If the problem is going to be resolved in the UK, they need to quickly follow suit.”