Best current account website?

stehouk

In my opinion apps are the future that's why they are promoted so much by all businesses, my kids don't even have a laptop nor do they have a landline (neither do i ) everything now is geared towards mobile access, i'm in my mid 50s and i'm a bit of a techie so i'm always on the look out for the latest gadget, i also think that the security on mobiles is safer than using an old pc/laptop to do banking or booking's online, i might be wrong but if someone got hold of my mobile it would be harder for them to access it than it would my laptop.

ValiantSon

stehouk wrote: »

In my opinion apps are the future that's why they are promoted so much by all businesses, my kids don't even have a laptop nor do they have a landline (neither do i ) everything now is geared towards mobile access, i'm in my mid 50s and i'm a bit of a techie so i'm always on the look out for the latest gadget, i also think that the security on mobiles is safer than using an old pc/laptop to do banking or booking's online, i might be wrong but if someone got hold of my mobile it would be harder for them to access it than it would my laptop.

I'm not convinced that the security of app based banking is necessarily greater than online banking:

• The chances of someone getting hold of your phone are much greater than of them getting hold of your laptop/pc. You carry your phone around with you: it can be more easily lost or stolen.
• The app is installed on the phone, so someone who does get access to your phone can see that you bank with a particular bank. If someone gets hold of your laptop/pc the same is not true (if you routinely clear cookies and browsing history - this can be automated in most browsers).
• The log in details for any particular bank should be known only to you, so accessing them through either platform should only be possible for you, unless you have used incredibly weak passwords.
• Most banks (if not all) require a user identity; password; and code or memorable information. That is three unique pieces of information that a fraudster would have to find out. Using a phone doesn't make that any harder, and using a pc/laptop doesn't make it any easier.
• Several banks also require security keys. The fraudster would need the physical token to access the account as well. I know that not all banks require this, but a lot do. (I am unsure how secure First Direct's app based token is, however. If they've already got into your phone then what barriers are them to using that? The physical token seems a much better bet).
• Many people protect access to their phones using passcodes or fingerprint recognition, but a pc/laptop can also be protected with a password (indeed, with Windows 10, this has become the default).
• Lots of banks make use of one time passcodes to authorise new payments. These are normally delivered or confirmed via automated phonecall or text message. If the fraudster has managed to get into your online baking they would still need your mobile phone to actually get any money out. I do not know how this works on an app, but if it is similar to the online banking system then it is actually weaker; if they have accessed your app then they have your phone and will be able to make use of the one time passcode. If it works differently (please let me know) then there is still a physical barrier to accessing online accounts because you also need the mobile phone.

App based banking is not more secure than online banking. It is a different platform that offers greater access to your account while away from home. This may be of value to some people, and it is true that Generation Y/Millennials are more likely to favour it because it fits with their world view that mobile phones are the greatest invention in the history of mankind, but that doesn't make it better. There are many of us still in Generation X, and the Baby Boomers, who don't want to use apps (before I am attacked, I said "many", not "all") and continue to prefer using online banking, just as there are those who much prefer to use branches for most of their banking. My father, for example, does most of his banking online, while my father-in-law prefers to use a branch: my father-in-law is two years younger than my father.

Is it the future? Depends what you mean by that. I suspect that technology will have changed sufficiently in the next 20 years for modern app based banking to seem antiquated. It is a parallel platform that offers an alternative form of banking, not a direct competitor.

telemarks

I'm a long time First Direct user, and to be honest I'm "used" to it and it doesn't bother me.

But in recent switches I've found:

• Nat West - Many page timeouts on login, and just don't like it too many double clicks to get there.
• TSB - was OK
• Halifax - my favorite of the few so far, seems to work well
• Tesco - worst of the lot, looks like (and probably is) several systems stitched together

18cc

I would agree with a lot of the above, but in my mind app banking is much more secure that a laptop/browser for the following reason.


An app is a walled garden. It cannot be hacked, penetrated, phished or become virus ridden. As long as you don't tell anyone your app PIN (or whatever) then no-one can get into your app. You can lose your phone - or indeed hand it to a fraudster! - and your banking will be 100% safe.


Not true of laptop/browser based banking. It is not a walled garden. You can be sent to phishing / harvesting sites. You can get key loggers installed or other viruses. There is therefore a much greater (although small) risk that you could have your banking details compromised.

ValiantSon

18cc wrote: »

I would agree with a lot of the above, but in my mind app banking is much more secure that a laptop/browser for the following reason.


An app is a walled garden. It cannot be hacked, penetrated, phished or become virus ridden. As long as you don't tell anyone your app PIN (or whatever) then no-one can get into your app. You can lose your phone - or indeed hand it to a fraudster! - and your banking will be 100% safe.


Not true of laptop/browser based banking. It is not a walled garden. You can be sent to phishing / harvesting sites. You can get key loggers installed or other viruses. There is therefore a much greater (although small) risk that you could have your banking details compromised.

Do you honestly believe that there are no exploitable weaknesses in the code used to write apps, or in the operating systems installed on mobile devices? If you do then you are mistaken.

mgdavid

I use FD, TSB, Santander, Barclays and Tesco. Purely from a screen layout & usage point of view Santander is OK but a bit bright and cluttered; Barclays is head and shoulders above the others, and I like the link through to my Barclaycard account without further authentication.

EarthBoy

mgdavid wrote: »

Barclays is head and shoulders above the others, and I like the link through to my Barclaycard account without further authentication.

Don't all banks let you manage your current account and credit card in the same app? TSB, Lloyds, Halifax, Nationwide and First Direct certainly do. You don't need any further authentication with any of these.

Martinslovechild

ValiantSon wrote: »

Do you honestly believe that there are no exploitable weaknesses in the code used to write apps, or in the operating systems installed on mobile devices? If you do then you are mistaken.

This is so true!!

I work in I.T. so I completely understand the relative weaknesses of apps compared to browsers. Apps are certainly no "walled garden" just as browsers cannot be "easily hacked". Perception is at fault here.

In my first post, I mention that First Direct have basically left open a giant-sized hole which tells the user (hacker) that the Login ID they've entered is valid or invalid. Consider this for a moment - you're attempting to login as another person and you suddenly know one valid piece of their login details - what's the point of even having security on a website which tells you that the Login ID exists or not??!!

18cc

Well everybody is of course entitled to their opinion but I would only point out that there have been zero and I mean zero cases of an app being hacked on a Phone compared with the numerous number of people who have had their banking details compromised whilst using a desktop browser over the years

Nobody is saying that bank apps are 100% perfect nothing is perfect in the IT world but you are far less likely to have problems using an app then you are using a desktop and browser (even though problems on the latter are still small compared with the total number of users)

Just one example I am always getting emails saying unrecognised transaction on your current account please click this link to log in and check it etc etc I'm sure everybody gets these phishing attacks click on the link and you are sent to a false website which looks like your bank and which harvests your log on details things like this simply do not happen with apps

Despite what has been said on here an app is very very much a Walled Garden and if you think it isn't please describe an attack vector that will allow fraudsters to access to a banking app and I don't mean something as simple as a keylogger which would harvest your pin

DCFC79

I find Barclays is a PITA when logging in, its either use the card reader or the phone app.

RBS is ok for me, Im used to the layout.

TSB, Halifax and Lloyds again are fine, because they use the same layout I found it was easy to get used to.

Tesco as above is easy to navigate.