84% of users feel safe when operating through their digital banking

As we approach the peak consumption period of the year, online shopping is positioning itself as the second most common operation in Spain with digital banking, according to a study by CECA

Four out of ten respondents use banking digital channels daily

Eight out of ten users of digital channels consider cyberattack threats severe, but only half believe it is likely they will be direct victims

Regarding cybersecurity knowledge, six out of ten acknowledge having limited notions, a deficiency that is particularly pronounced among women and people over 65

In a world where e-commerce is advancing rapidly, some dates have become true epicenters of digital consumption and online transactions. Events such as Black Friday or Christmas are positioned among the highest consumption moments, and more and more buyers are opting for digital channels to make their purchases. However, these dates, which record peaks in online consumption, have also become ideal scenarios for the proliferation of cyberfrauds and digital crimes, putting user security at risk.

The impact of this phenomenon is evident: online purchases have become the second most common banking operation in Spain (26%), only surpassed by balance inquiries and banking transactions (36%). In third place are payments through Bizum (22%), particularly significant among younger individuals. This is one of the conclusions of the survey ‘Cybersecurity and usage habits of digital channels’, conducted by CECA in collaboration with Sigma Dos, which analyzes behavior, knowledge, and usage habits of digital channels; customer exposure and protection measures against cyberattacks; and user assessments of banking institutions’ initiatives to combat cybercrime.

In a scenario marked by accelerated digitalization and the constant integration of new technologies into the financial sector, digital banking users increasingly observe the threat of cyberattacks with concern. Thus, the average perception of the risk of being a victim of a cyberattack is rated 8.3 out of 10, and 85.9% classify them as severe, giving them a rating above 7. Despite this collective perception, only half of the respondents believe it is likely they will be direct victims of cyber fraud, reflecting an apparent disconnect between awareness of risk and personal vulnerability perception.

Furthermore, in the face of constant technological evolution, society has also witnessed the rise of cyberattacks deployed through social engineering techniques, which exploit human error rather than a cybersecurity breach. The most feared methods include suspicious messages received by email, SMS, or WhatsApp, noted by 73% of respondents; fake calls in the name of legitimate entities or companies, at 42%; and contact attempts through social media, which concern 35%.

Banking institutions as a pillar of trust in the digital world

In a landscape where digitalization transforms the daily lives of millions, traditional banking entities consolidate as a pillar of trust for personal data management and protection in digital channels. This is demonstrated by the study, which grants these institutions an average trust score of 7.5 out of 10, even ahead of public administrations. Additionally, three out of four users rate the security measures implemented by their banks and savings banks as good or very good.

The use of digital banking has reached historical levels, becoming an indispensable tool for daily operations. Four out of ten respondents access these platforms every day, and 88% do so at least once a week. In this environment, 84% of users claim to feel safe when operating with their digital banking.

The perception of security is not limited to everyday use; it also reflects recognition of the initiatives of banking institutions. A 78% of respondents acknowledge that their entity cares about the security of their financial and personal data, and three out of four respondents express satisfaction or high satisfaction with the cybersecurity measures adopted by their bank or savings bank. Moreover, when faced with fraud, banking institutions are considered the best-prepared actors for protection against potential online financial fraud, followed by state security forces and public administrations; this opinion is stronger in older population sectors. In fact, this trust relationship between users and banking entities becomes particularly evident in situations of vulnerability. Most respondents prioritize direct contact with their entity upon detecting suspicious activity in their accounts, and those who have suffered cyber fraud rate the attention received with a notable score (7.2 on average).

The cybersecurity knowledge gap: a key challenge in the digital age

The lack of knowledge in cybersecurity remains one of the biggest challenges in the digital age. According to the study, six out of ten Spaniards acknowledge having limited knowledge in this area, a deficiency that particularly affects women and people over 65. In fact, despite banking institutions’ efforts to inform their customers about protection measures against cyberattacks, 20% of respondents erroneously believe that their bank could ask them for user IDs and passwords via email, SMS, WhatsApp, or phone calls.

In light of the lack of cybersecurity knowledge, banking institutions are focused on creating and disseminating content aimed at empowering, promoting, and providing their clients with the necessary tools to reduce their exposure to cyber fraud. Thus, 85% of respondents acknowledge receiving this type of communication from their bank, but only 54% say they pay attention to it. By age, the younger population is the least attentive to this type of communication (only 33% take it into account), while those over 65 are more receptive (67% consider it).

Despite limited knowledge, 65% of respondents believe they take sufficient measures to protect their digital security, a figure that rises to 86% among those who say they have solid knowledge in cybersecurity. Among the most common practices are activating notifications to alert about account movements, using biometric data to access applications, and actively protecting passwords through regular updates.

The figures reaffirm the need to train different groups in digital skills necessary to manage their personal finances effectively. For the CECA sector -which represents CaixaBank, Kutxabank and Cajasur Banco, ABANCA, Unicaja, Ibercaja Banco, Caixa Ontinyent, Colonya Pollença, and Cecabank, and more than thirty foundations- training in financial knowledge and digital skills is an absolute priority. This positions it as one of the largest investors in financial education in Spain, with an investment of around 18 million euros in the last six years. In 2023, more than 2.58 million euros were allocated to over a hundred programs, reaching 34 million beneficiaries.