Travel Website and Bank Website Security Measures


To find information on the security measures that travel websites and bank websites have in place to protect users. Information to be presented will include screenshots or videos of user journeys when a user faces a security friction.

Early Findings

Credit Europe Bank

Equity Bank Limited

  • Equity Bank Limited offers an online Self Service Portal for users to manage their accounts and perform online transactions.
  • To log into the platform, users must provide the correct combination of an email and password.
  • After providing the login credentials, the system redirects to an OTP page where a user must input an OTP PIN that is sent to their registered phone number.
  • After providing the OTP PIN, the system then redirects to the home page of the Self Service Portal.
  • In the case where a user has forgotten their login credentials, there is a "forgot your password" link that users can click on. The user will then be redirected to the password reset page.
  • The above user journey has been presented in the form of screenshots on the attached Google Doc.

Travel Websites

  • The top travel websites globally include Booking, Tripadvisor, Yahoo Travel, Expedia, Priceline, Hotels, Travelocity, Kayak, Orbitz, Hotwire, HomeAway, TravelZoo, Airbnb, LonelyPlanet, and Viator.
  • During the initial hour of research, there was insufficient time to explore the security measures of the above websites. However, the next steps presented below feature one that will be dedicated to providing information on the security controls employed by traveling websites.

Proposed next steps:

You need to be the project owner to select a next step.