Below are few important functional testing invovled in web application security testing.
1. Vulnerability Check - checking for any security holes ie. weaknesses in the web application.
2. URL Manipulation - unintended behavior in the web server leading to unintended manipulation of urls.
3. SQL Injection - commonly used for website hacking
4. XSS (Cross Site Scripting)
5. Spoofing - Genarally a Hoax website / Email is created to look alike like a genuine website or a existing leading brand
Any websites that carries out financial transactions it is a must to secure their website with a period website security testing and penetration testing, to ensure that thier web server is secure.