Scotiabank SSL misconfigured?
Did Scotiabank misconfigure their SSL settings? Check yourself by visiting
https://www.scotiabank.com (use HTTPS to force a secure session.)
You should see the following error:
Low Security Grade
I rechecked using a third-party SSL Checking tool. The tool gives Scotiabank a pretty low grade.
Online Banking is Secure
Even though their website is misconfigured, their online banking is setup correctly (meaning the actual banking transactions are protected, just the marketing/web content isn’t.)
Bad User Experience
Regardless, this gives a bad user experience. Imagine as visitors try to go to a secure version of the website, only to find a warning message instead. Scotiabank must have a good reason to have it setup like this – I’d love to find out why.
By the way, I just checked 3 other banking websites – they’re all configured properly.
Trackback from your site.
Correction
| #
scotiabank.com is not an HTTPS site….
Reply
Zaki Usman
| #
Most banks allow for SSL access to their corporate site, so why would Scotia be any different?
It seems ScotiaBank is using a CDN to streamline content delivery and aren’t forcing SSL properly across the entire constellation.
Reply