Are Apps more secure than browsers ?

Poll: What is most secure for your bank via phone, web or app

  • Both are about same for data security

    Votes: 8 36.4%
  • App and Wi-Fi

    Votes: 0 0.0%
  • App and cell network

    Votes: 4 18.2%
  • Browser and Wi-Fi

    Votes: 8 36.4%
  • Browser and cell network

    Votes: 4 18.2%

  • Total voters
    22

RetireBy90

Thinks s/he gets paid by the post
Joined
Feb 24, 2009
Messages
1,742
Location
Cville
Regarding banking with your cell phone:
Wondering what others think about using an app vs browser regarding security. It seems that an app not using regular web protocols would be more secure.
Another thought is using an app with Wi-Fi turned off so data must use cell network which should be more secure.
Thoughts ?
 
I prefer browser over app. The only time I use a banking app is to deposit a check, which I can’t do by browser.

One of my daughters uses an app to access her brokerage account. I use the browser for the same brokerage and find the app has less functionality.
 
I think they're about the same AS LONG AS you are using the app on cellular or a secure WiFi connection. You shouldn't do sensitive financial stuff on a public/open network.
 
I think they're about the same AS LONG AS you are using the app on cellular or a secure WiFi connection. You shouldn't do sensitive financial stuff on a public/open network.
Without knowing much about the apps, I agree.

I'm pretty sure people can write lousy apps.
I know when using a browser, I can see its using the https protocol, so encrypting information between browser and bank. You would hope an app does that also but no way to see during use.
Also, never know if an app is replaced in the app store by a fake one.
 
I was referring to an App running on a desktop or laptop computer
 
A browser is an app, aka an application program.

IMO the question should be "What is most secure for your bank, access via phone app or access via home desktop. computer"

The answer to that question is IMO easy. A home computer is not available for bad guys to hack directly, only via malware downloaded from the web. A phone is vulnerable to malware but it is also vulnerable to being lost or stolen, ending up physically in some bad guy's hands. At that point it is hugely vulnerable to being compromised. It is also vulnerable if its owner is the victim of a bad guy trying to force the owner to access or transfer money via apps or passwords that are on the phone.

Hence, I have absolutely no financial apps or data on my phone. For example, it would be handy to have Zelle on my Schwab account, but the only way this can be done is to load the Schwab app on my phone. So Zelle is out of bounds for me.

Even paranoids have enemies.
 
I can't lose my home computer unless someone breaks in and steals it. . . I can easily lose my phone.
And IMO most apps gather far more data on you than they need. No they don't need my exact location, my address book, etc.
 
It depends.

A well written app that only does the few things needed to complete a financial task, and does not ask for other permissions it does not need, and encrypts data both ways, would probably be safer than a browser.

Some Browsers such as FireFox and Brave are built with more privacy in mind. Same with search engines like DuckDuckGo. I have given up on Google for searches unless I am desperate.

I am bit surprised that FireFox is not more popular. It takes privacy more seriously than Chrome, IMO. Toss in NoScript and Ublock Origin and that will really beef up its overall security level, IMO.

Apple people can also use the Apple browser which, IMO, seems more private and secure than Google’s Chrome. Especially privacy.

All of the above assumes you don’t lose custody of your computer, phone, tablet, etc. If you do, all bets are off.

All of the above is just my opinion based on my study of computer privacy and security. Things can change fast in that area.
 
Last edited:
Some Browsers such as FireFox and Brave are built with more privacy in mind. Same with search engines like DuckDuckGo. I have given up on Google for searches unless I am desperate.

I am bit surprised that FireFox is not more popular. It takes privacy more seriously than Chrome, IMO. Toss in NoScript and Ublock Origin and that will really beef up its overall security level, IMO.

I use Firefox as I believe it is more secure than edge or chrome. Just my belief. However last year I started having problems using Firefox with Fido for some actions, and it isn’t supported with some gov web sires.
Security of your data and credentials are of course subject to physical security. I am curious if major banks and brokers like Fido have extra security because they use the cell network, if it is more secure than regular internet.
 
A browser is an app, aka an application program.

IMO the question should be "What is most secure for your bank, access via phone app or access via home desktop. computer"

The answer to that question is IMO easy. A home computer is not available for bad guys to hack directly, only via malware downloaded from the web. A phone is vulnerable to malware but it is also vulnerable to being lost or stolen, ending up physically in some bad guy's hands. At that point it is hugely vulnerable to being compromised. It is also vulnerable if its owner is the victim of a bad guy trying to force the owner to access or transfer money via apps or passwords that are on the phone.

Hence, I have absolutely no financial apps or data on my phone. For example, it would be handy to have Zelle on my Schwab account, but the only way this can be done is to load the Schwab app on my phone. So Zelle is out of bounds for me.

Even paranoids have enemies.
I'm with OldShooter. Way too much random communication happening on my cell phone and I don't trust adding a bunch of free apps on it and then using it for my finances.
 
A phone is vulnerable to malware but it is also vulnerable to being lost or stolen, ending up physically in some bad guy's hands. At that point it is hugely vulnerable to being compromised. It is also vulnerable if its owner is the victim of a bad guy trying to force the owner to access or transfer money via apps or passwords that are on the phone.
A lost phone is not vulnerable as long as you have used common sense basic security like a 6-digit PIN or FaceID. Without that info your phone is useless to criminals. Plus, if you lost it you should immediately remote wipe it using the 'Find My' feature (iPhone) or the Android equivalent.

If a 'bad guy' is forcing you to access or transfer money, they could also force you to download apps on your phone and use them, or make you drive to an ATM or your house and do the same on your home desktop PC. If you are being accosted at gunpoint your lack of apps on your phone isn't much of a deterrent.
 
It's all roughly the same, from a technical perspective because they all have data encrypted before it goes over the connection.

One difference is that the browser is general-purpose and can typically be opened, and history examined without authentication. Of course both the browser and dedicated application are behind device level authentication scheme is employed.

It's my opinion that if you are concerned about getting hacked, this is not an important question; both are about the same.

Anyone who's been reading topics like this know that I'm a broken record about getting hacked by allowing the bad guys to get into your email; they just click "forgot password" and it's over.
 
Regarding banking with your cell phone:
Wondering what others think about using an app vs browser regarding security. It seems that an app not using regular web protocols would be more secure.
Another thought is using an app with Wi-Fi turned off so data must use cell network which should be more secure.
Thoughts ?
An app or a browser connecting to your financial institution are both going to be using https/tls/ssl which is quiet secure. There is no difference (security-wise) in going over the internet or using the cell phone data network.
 
I don't bank on a phone, but I chose the cell options in the poll. I prefer to use my computer over a wired LAN to the internet.

Not all Wi-Fis are equal. I would never use a Wi-Fi not protected by a password. I avoid using Wi-Fis that use a password that I didn't choose/control. Even then, I don't use my home Wi-Fi to bank. I use a wired LAN.
 
I did not vote because the options did not apply to me. I NEVER use a phone APP for any financial transaction. It needs a "None of the Above" Option.

My Vote:
A Browser on my own Router with firewall setup by me. WiFi anywhere other than your home secured network is a recipe for trouble.
 
An app or a browser connecting to your financial institution are both going to be using https/tls/ssl which is quiet secure. There is no difference (security-wise) in going over the internet or using the cell phone data network.
Good point. I shoulda remembered ssl we used to use.
Thanks for reminding me 👍
 
I wonder if those that are so conservative with restricting WiFi use or mobile app use are as restrictive of IOT devices on their home network. Most people never think about it, but if you plug in a device on your Ethernet or give a device your WiFi password, it's very possible that they're snooping your network activity, at a minimum. And if that IOT device gets hacked, it's no different than giving a hacker access to Linux box on your network. So many foreign-made, cheap devices never get security updates and are built on platforms that routinely have vulnerabilities exposed. I have a separate router for IOT stuff, but it's a pain because I have to switch to a different WiFi to access the IOT devices. But this is the security thing I think about, not about sending data I know is encrypted across one or the other connectivity infrastructure.
 
Back
Top Bottom