Online Banking is Safer on a Mobile Device (than a desktop)

Midpack

Midpack

Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Joined
Jan 21, 2008
Messages
21,353
Location
NC
I guess I had it wrong, we’ve always used our hardwired desktop for brokerage, online bank, credit card, brick-n-mortar bank or financial access instead of our smartphones/tablets.

This article is from 2013, and I found several others, but nothing recent to confirm. Any thoughts?

https://www.tomsguide.com/us/financ...-banking-smartphone-security,review-1853.html
A few years ago, security experts thought you'd be crazy to access an online bank account from a mobile phone.

The tide has turned. Experts now say mobile devices may actually be safer to use than computers for online banking, in part because malicious software can be downloaded to a computer without a user knowing it.

As long as they're using encrypted Wi-Fi or a cellular data connection, mobile customers usually don't need to worry about malware hijacking their online-banking sessions.

On a mobile device, secretly installing software is much harder to do, as long as the device hasn't been "rooted" or "jailbroken" to let the user run privileged commands and install unauthorized software.

“No online banking is completely safe, period," said Clay Calvert, director of cybersecurity for MetroStar Systems, an IT consulting firm in Reston, Va. "However, unrooted tablets and cellphones are much safer than using PCs for banking."
Click to expand...
 
Last edited:
Except I'm much more likely to leave my cell phone at the restaurant than my desktop.

Plus, they make the assumption that folks are protected by the OS supplied apps like apple store etc, which has turned out to not be true, but back in 2013 (date of article) folks believed it.
 
It depends - almost every day I read of new Android malware that copies keystrokes, reads passwords, etc. Malware on iOS is much less common, but not unheard of.

My perspective is that I have a better handle on what is on my PC than what is on my phone, what with automatic updates and apps taken over by new developers. I do run anti-malware software on my PCs (Norton Security), use a password manager (LastPass), and do as much as I can to improve security, such as use two-factor authentication. Sadly, not one of the financial institutions I do business with supports 2FA!

I also keep on top of transactions with notifications of charges and daily downloads of activity in Quicken. I've been a PC user for 23 years and haven't been hit by malware yet.
 
I would say public WiFi, whether phone or laptop, is your biggest risk for online banking. I'm not too concerned about phone over cellular, or about my desktops/laptops/phones on my home wifi/ethernet.

And ditto on knowing what is on my computer systems verses not knowing what is on phones.
 
As long as they're using encrypted Wi-Fi or a cellular data connection, mobile customers usually don't need to worry about malware hijacking their online-banking sessions.
Click to expand...

I guess sitting in Starbucks or Burger King and using their Wi FI is OK? I mean, we trust those vendors/connections, correct?
 
USGrant1962 said:
I would say public WiFi, whether phone or laptop, is your biggest risk for online banking. I'm not too concerned about phone over cellular, or about my desktops/laptops/phones on my home wifi/ethernet.

And ditto on knowing what is on my computer systems verses not knowing what is on phones.
Click to expand...

Why? You talk to your financial institutions over an encrypted connection.
 
aja8888 said:
I guess sitting in Starbucks or Burger King and using their Wi FI is OK? I mean, we trust those vendors/connections, correct?
Click to expand...

Just make sure https

In a public setting I'm more concerned about cameras around me.
 
I'm not sure I buy it. In the first place, 2013 was a century ago, technology-wise. Plus, as a former network security guy I still read a lot of security related blogs and newsletters, although I tend to skim instead of delve. But my feeling is that the malware for cell phones has taken huge leaps in the last few years. I'm not saying it's less safe than PC based communications, but I doubt it's significantly more secure. I'll look around and see if I can find anything more up to date.
 
I would never do anything sensitive while connected directly to "free WiFi". I use a Virtual Private Network (VPN) anytime I am using WiFi I don't control. Even with SSL, there are "man in the middle" attacks that are difficult to detect, especially with phones.

Since I have unlimited LTE cellular, I will tend to use that even in places with free WiFi. Much harder for random miscreants to intercept.
 
Here are a couple of other articles. The one by Jack Schofield is pretty recent, but not too in depth. https://www.theguardian.com/technol...-safer-to-use-an-app-or-a-browser-for-banking

The interview with Bruce Schneier is older, but very much to the point, IMHO. He says it's all pretty safe because

'It's not perfect. Internet banking is safe because we all do it and it works out okay. But if you want to be 100% secure, don't be online.
Click to expand...
Also, and I like this explanation,

'Your house is not secure because of your door lock. Your house is secure because of everything that happens in your city, in your country, in your world that makes your house secure. I could spend an hour telling you about the design of your door lock and you would be no better off with security than before. Security is very social. Banking is secure because if something happens, the bank makes good on it, we catch criminals, we're mostly lawful, you know, things are basically okay.'
Click to expand...
https://www.schneier.com/news/archives/2015/07/is_iphone_banking_sa.html
 
I can only speak for myself as my system is set up, but the standard for my home is higher than my phone. For example, I only have a 4 × 10 digit code on my phone, but a 20 × 116 key code to get on my computer, and my computer location is secure in itself.

The modem has it's password protections as does the router which are distinctly different password protections. Wpa2 256 aes is set. I live in a quiet neighborhood with few signals in range, which cuts the potential, too.

I have 2 places with my money and both are set for 2fa and one only can transact to the other. Even to deposit or inquire about my bank balance, I have to give another 10 alphanumeric password.

I don't use my phone nor any mobile besides the phone to send sensitive info.

One more upgrade to more security that I am adding is to change security questions to a password type answer. Ie "my mother's maiden name is" qazxcfty for example.
 
Last edited:
aja8888 said:
I don't see what you are getting at? What does that have to do with online banking and unscure WIFI:confused:?
Click to expand...

If you are in a public place like a restaurant, how do you know there isn't a camera or somebody looking over you shoulder? It has to do with online banking. If you are accessing your accounts you have other things to worry about besides whether their wifi is secure.
 
audreyh1 said:
If you are in a public place like a restaurant, how do you know there isn't a camera or somebody looking over you shoulder? It has to do with online banking. If you are accessing your accounts you have other things to worry about besides whether their wifi is secure.
Click to expand...

I understand your concern but, most restaurants have security cameras these days anyway. Someone looking over your shoulder... you would probably know if someone was. Personally, I wouldn't do any financial transactions over WIFI in a public place with a phone, tablet or laptop for other reasons.

Not the same concern, but I had my AMEX card picked up by a remote scanner in the Grand Hyatt hotel lobby when checking in at San Juan, PR and a new card issued the next morning in Croatia. And my card had a security chip in it. In 30 minutes, $18,000 was charged on it before AMEX cut it off.

Strange stuff can happen in public places.
 
audreyh1 said:
Why? You talk to your financial institutions over an encrypted connection.
Click to expand...

True, but there is still more risk of a "man in the middle" attack on public WiFi. Why take that extra risk? Do you really need to log in to your bank/credit union/broker while connected through your hotel or coffee shop WiFi? Which may or may not actually be your hotel's or coffee shop's WiFi...

Anyway, if I need to check my balance on my phone or iPad cellular is more direct and less subject to man in the middle.
 
aja8888 said:
I understand your concern but, most restaurants have security cameras these days anyway. Someone looking over your shoulder... you would probably know if someone was. Personally, I wouldn't do any financial transactions over WIFI in a public place with a phone, tablet or laptop for other reasons.
Click to expand...
Exactly - security cameras everywhere in public places. You probably can't see many of them. Who knows who may be watching stuff at the other end.
 
On the news here in Chicago a few small groups of people are going up to folks on the street with a gun and demanding their cell phone, and making them unlock it before handing it over !!

I don't use my cell phone for banking, so I don't know, but if you pick up an unlocked phone, can you simply start the banking app to get access to the money ?
 
I remember there were TV news items about how quickly a phone was hacked during the winter Olympics in Russia.... one guy turned his on and was hacked in less than 10 minutes... and that was years ago....


I trust my home computers more than my phone... BTW, I do not do any banking (or anything else that requires my personal info) on my phone...
 
I've been using my phone more and more for business online banking, primarily the fantastic remote cheque deposit feature which saves my office manager from having to go to the bank 3-4 times a week as we get on average about 10 cheques in a week. In the last few months I've deposited over 100 cheques, zero errors and clear very quickly. Love it and very glad to hear its even more secure than my desktop computer.
 
Sunset said:
On the news here in Chicago a few small groups of people are going up to folks on the street with a gun and demanding their cell phone, and making them unlock it before handing it over !!

I don't use my cell phone for banking, so I don't know, but if you pick up an unlocked phone, can you simply start the banking app to get access to the money ?
Click to expand...
No - you need additional authentication. Some apps let you use fingerprint instead of your online password, but you still need username (although some can be configured to remember that I suppose). I leave it at username password has to be entered each time.
 
FWIW I wasn’t asking about using a mobile device on a public WiFi, I’d never consider that.

I was wondering if I was safer using a mobile device on my home WiFi vs my hardwired PC. I take every precaution I know of with my PC and connection and I have never been hacked. Some who say they’re certain they can’t be hacked might still be at risk. That’s what I as getting at.

Lots of major corporations with full time pro IT said and believed they were absolutely safe, until they weren’t. Hacking an individual isn’t as valuable as hacking a large database, so individuals have that going for them.
 
aja8888 said:
Not the same concern, but I had my AMEX card picked up by a remote scanner in the Grand Hyatt hotel lobby when checking in at San Juan, PR and a new card issued the next morning in Croatia. And my card had a security chip in it. In 30 minutes, $18,000 was charged on it before AMEX cut it off.
Click to expand...

The chip helps against physical card cloning, but not against use of the number for card-not-present transactions.
 
I have to agree that a phone or tablet using the bank's app is probably more secure that a general purpose computer using a browser. This assumes that the OS and the apps are being updated on a timely basis. Note: I found timely OS updates to be a big problem when I owned an Android phone. It's one reason I pay the Apple Tax. But, if the tax gets much bigger......

The idea of getting a Chromebook and using it only for financial transactions is a good way to handle financial security at home. Don't do anything else on it, and every month or so Powerwash it just in case. Google seems to be doing a good job of pushing updates through to the Chromebooks.

None of this helps if one does risky things like conduct one's financial business on public networks, or skips applying the updates.
 
Last edited:
You must log in or register to reply here.

Similar threads

2HOTinPHX
Best online bank for one stop shopping?
2
Replies
30
Views
3K
audreyh1
audreyh1
Midpack
What is your "post-PC" plan?
4 5 6
Replies
126
Views
11K
easysurfer
easysurfer
Midpack
Will Mobile Devices Bring Dramatic Changes?
2
Replies
25
Views
3K
Mulligan
Mulligan
Alan
Online bank security at login
Replies
23
Views
4K
obgyn65
obgyn65

Latest posts

Back
Top Bottom