Since I worked for banks with exactly this problem, I can reassure you that even if they aren't responsible for the losses, they have a very keen interest in making the whole deal secure: Cost.
You have NO idea how much money banks save by shifting the work of transfers to you, their customer. Banks shut down a lot of branches and laid off a lot of people because they don't need so many brick and mortar outlets and tellers anymore.
And this is primarily due to online banking, rather than ATMs?
Now imagine people lost faith in the security of online banking, to the point where they consider it untrustworthy enough to demand their human monkeys again to do their work.
And the banks say "Sure thing! That'll be just $5 per transaction!"
Furthermore, banks could not even easily return to brick and mortar transactions if everybody suddenly stopped using online banking, some banks are by now very dependent on online banking, to the point where they would quickly lose customers simply because there are no local branches anymore.
As others have pointed out, they'd *also* lose customers if they actually made online banking secure.
Think about it: first, they have to make things less convenient, because frankly, convenience and security are inversely proportional. That will lose them customers right off the bat.
But as several posters have pointed out, that's not enough... because people don't know how to keep themselves secure. So for a bank to actually make their customers' transactions as secure as feasible and reasonable, they would have to require everyone to pass a test or take a class before signing up for online banking. How many banks would permanently lose a lot of business if they cut off online access to their customers until they'd been certified to use online banking?
For exactly the reasons you stated, it's unlikely that banks will make online banking reasonably secure unless regulators step in. (And this is why we can't have nice things in a free market.)