Many popular banking sites in the U.S. may be needlessly placing their customers at risk to online thieves, a security researcher says. These login forms may be encrypted but do not use authentication technology to prove they are genuine. A more secure approach would be to force users to log in on a hypertext transport protocol secure (HTTPS) webpage. HTTPS pages use the SSL security protocol, which not only encrypts the information on the page, but also provides digital certificates to give assurance that the website in question is genuine.”]
Source: https://www.csoonline.com/article/2120674/researcher–major-banking-sites-insecure.html