Chase Website - Down Again
17 August 2011
Just about one year ago, the Chase website suffered a major outage
. Today, chase.com
is down again, this time with a revoked security certificate:
This is a major issue, as no bank wants its customers to be presented with the message, "you may be communicating with an attacker." This is how the browser (Google Chrome) explains the message:
"When you connect to a secure website, the server hosting that site presents your browser with something called a "certificate" to verify its identity. This certificate contains identity information, such as the address of the website, which is verified by a third party trusted by your computer. By checking that the address in the certificate matches the address of the website, it is possible to verify that you are securely communicating with the website that you intended and not a third party (such as an attacker on your network). In this case, the certificate presented to your browser has been revoked by its issuer. This usually means that the integrity of this certificate has been compromised and that the certificate should not be trusted. You absolutely should not proceed past this point."
It's unclear at this stage what exactly has caused the problem. This is a major concern to customers who use Chase online banking to pay bills and transfer funds. If Chase doesn't resolve the issue shortly, it could cost them a pretty penny - they would have to reimburse late fees incurred by customers unable to access online bill pay.
The last time the site went down, Chase told customers that the site was down for "scheduled maintenance" when in fact it was revealed much later that the problem was a software error caused by a third party. Twitter was ablaze with irate customers wanting answers. It was a PR nightmare, one that hopefully will not happen this time around. Hopefully Chase will provide some information shortly and notify customers about what is going on.
UPDATE 1:10 pm: It appears the site is back up.