Is mobile banking more secure than desktop banking?

arciere

Frozen_up_north wrote: »

It's not me saying that, I am quoting from the Which? report.

Yes sorry, I was actually referring to Which?

Frozen_up_north wrote: »

Personally, I generally use a VPN and always use one with free WiFi on the rare occasions where I have no mobile coverage.

Actually VPN doesn't have any benefit at all in this case (if anything, it would be less secure as you are sending all your sensitive data, like usernames and passcodes, to a remote server in a remote location owned by unknown companies). The connection between the VPN provider and your bank is EXACTLY the same as the connection between you and your bank. So why would you think it's safer?

DigForVictory

I feel my mobile is safer as I am in full control over who has physical access to it.

Which, despite all the technology, seems a comfort.

If someone is determined to do malicious things, they’ll likely succeed but if it involves laying hands in my tech, my phone is safer.
<having thus laid myself open to The Fates, I will probably drop the device into a drain or something.>

Takmon

arciere wrote: »

Actually VPN doesn't have any benefit at all in this case (if anything, it would be less secure as you are sending all your sensitive data, like usernames and passcodes, to a remote server in a remote location owned by unknown companies). The connection between the VPN provider and your bank is EXACTLY the same as the connection between you and your bank. So why would you think it's safer?

That's incorrect, a VPN encrypts all your data travelling from your device to the VPN server. So when using public Wi-Fi none of your data can be intercepted and read by other users on the same network.

If your not using a VPN then browsing general websites won't have any security at all and this data can be easily intercepted. When you go to a secure site such as your bank the VPN add's an extra level of encryption to make it even more secure.

Yes the VPN sever could be dodgy but that's why you make sure you use a reputable one. You can also setup a VPN sever in your home to use when your out and about.

arciere

Takmon wrote: »

That's incorrect, a VPN encrypts all your data travelling from your device to the VPN server. So when using public Wi-Fi none of your data can be intercepted and read by other users on the same network.

Banks don't rely on 'wireless encryption'. Banks rely on their own encryption when you visit their website or open their app. Such encryption is exactly the same whether it is you opening the website or the VPN provider on your behalf.
Even in the case of an open wifi hotspot, nobody can see any details because data is transferred over HTTPS and the only things that could (potentially) be visible would be an encrypted message.

arciere

Takmon wrote: »

If your not using a VPN then browsing general websites won't have any security at all and this data can be easily intercepted. When you go to a secure site such as your bank the VPN add's an extra level of encryption to make it even more secure.

Incorrect, pretty much all websites now are on HTTPS, which means that traffic is encrypted irrespective of how your device is connected to the internet (Ethernet, WiFi, mobile data).
If you visit simple HTTP website, then you shouldn't send any sensitive information ANYWAY, even if you were using a private WiFi connection or a cable (or even a VPN connection that makes you feel so safe).

AndyPix

Takmon wrote: »

That's incorrect, a VPN encrypts all your data travelling from your device to the VPN server. So when using public Wi-Fi none of your data can be intercepted and read by other users on the same network.

If your not using a VPN then browsing general websites won't have any security at all and this data can be easily intercepted. When you go to a secure site such as your bank the VPN add's an extra level of encryption to make it even more secure.

Yes the VPN sever could be dodgy but that's why you make sure you use a reputable one. You can also setup a VPN sever in your home to use when your out and about.

And this, ladies and gentleman, is the all too common misconception about VPNs, and why everyone seems to think they need one these days !
Very clever marketing and rumour whispering by the VPN companies and their paid affiliates


They say a little knowledge is a dangerous thing ….

dipsomaniac

VPN???? What is a vpn? In 30 years of computing I have never used one. What am I missing?

Takmon

AndyPix wrote: »

And this, ladies and gentleman, is the all too common misconception about VPNs, and why everyone seems to think they need one these days !
Very clever marketing and rumour whispering by the VPN companies and their paid affiliates

They say a little knowledge is a dangerous thing ….

VPN's do encrypt data between the server and the device being used that is a fact. If you use public Wi-Fi and use a VPN then none of your data can be intercepted and understood by people using devices on the same network.

arciere wrote: »

Incorrect, pretty much all websites now are on HTTPS, which means that traffic is encrypted irrespective of how your device is connected to the internet (Ethernet, WiFi, mobile data).
If you visit simple HTTP website, then you shouldn't send any sensitive information ANYWAY, even if you were using a private WiFi connection or a cable (or even a VPN connection that makes you feel so safe).

arciere wrote: »

Banks don't rely on 'wireless encryption'. Banks rely on their own encryption when you visit their website or open their app. Such encryption is exactly the same whether it is you opening the website or the VPN provider on your behalf.
Even in the case of an open wifi hotspot, nobody can see any details because data is transferred over HTTPS and the only things that could (potentially) be visible would be an encrypted message.

VPN's allow a secure connection across the internet and prevent unencrypted data from being intercepted.

I have my own VPN on a computer at home. I have devices connected to the network which can be controlled using a web interface. Using your logic i should just open the ports in my routers firewall and connect to it directly on public Wi-Fi because VPN's offer no benefit....

Anyone who knows a thing about network security will know that would be a stupid idea and connecting to the network via a VPN means i have a secure connection and nobody can intercept my data.

arciere

Takmon wrote: »

Anyone who knows a thing about network security will know that would be a stupid idea and connecting to the network via a VPN means i have a secure connection and nobody can intercept my data.

I am afraid that's definitely not you then.
Please explain it to me: if you connect to your "home VPN" to browse websites, let's say your bank's website, how does your router (or whatever device you use to receive incoming VPN connections) connect to the bank's website? Let me guess....it uses the open internet without any VPN!
So, this additional useless step, what exact benefit you think it gives you?

arciere

Takmon wrote: »

I have my own VPN on a computer at home. I have devices connected to the network which can be controlled using a web interface. Using your logic i should just open the ports in my routers firewall and connect to it directly on public Wi-Fi because VPN's offer no benefit....

Sorry I missed this highly confused statement. What is the connection between 'open ports' and public WiFi? Do you have any idea how this actually works?
Do you know that, if you want to avoid opening ports on the firewall (which is a good thing), you need to have a VPN connection between YOU and the END DEVICE.
If you want to access a generic website, or your bank's website, do you understand that unless you have a private VPN connection between YOU and THE BANK, having one that terminates somewhere in the middle is absolutely unnecessary and useless?