The modern banking industry provides its best services through various transaction channels, one of them and currently plays an important role is an online service using a website. This online service presents new problems, especially related to malware attacks and data stealing. The risk of this attack can cause financial losses for banks and bank customers. There are many ways in banking to protect their online services to reduce and mitigate the risks. Banking as a service provider does invest in hardware and software security to achieve safe and comfortable facilities for customers. On the client-side, the role of the browser on the client becomes essential because the process of data theft through web vulnerabilities often occurs on the client-side. On the server-side, they are adding declarations of security response headers on the web to reduce the risk of attack. The security response header is indicating the commitment of web service providers to provide a secure environment. In this paper, the security header implementation will be measured on the banking website in Indonesia.
展开▼