Is mobile banking more secure than desktop banking?

mksysb · 20 November 2019 at 6:23PM

One safe way to access the bank app on a windows 10 machine would be to install linux in a virtual machine and just use that exclusively to connect to your bank.

Takmon · 20 November 2019 at 7:11PM

arciere wrote: »

I am afraid that's definitely not you then.
Please explain it to me: if you connect to your "home VPN" to browse websites, let's say your bank's website, how does your router (or whatever device you use to receive incoming VPN connections) connect to the bank's website? Let me guess....it uses the open internet without any VPN!
So, this additional useless step, what exact benefit you think it gives you?

This stops people on the same unsecured Wi-Fi network from intercepting the data. Let's say someone wanted to harvest peoples data in an attempt get something they could exploit. They can setup an unsecured Wi-Fi network in a public place that appears to be the free Wi-Fi. People will connect to this and they can then start trying to get data. So if you use a VPN they will be unable to get any of your data at all.

It's so easy to do this that using a VPN eliminate this risk. Yes the data is sent from my home network over the open internet but you can't just randomly intercept this unless you have access to the servers it passes through.

So using a VPN stops the easiest way to harvest data by using public Wi-Fi networks.

arciere wrote: »

Sorry I missed this highly confused statement. What is the connection between 'open ports' and public WiFi? Do you have any idea how this actually works?
Do you know that, if you want to avoid opening ports on the firewall (which is a good thing), you need to have a VPN connection between YOU and the END DEVICE.
If you want to access a generic website, or your bank's website, do you understand that unless you have a private VPN connection between YOU and THE BANK, having one that terminates somewhere in the middle is absolutely unnecessary and useless?

Read what i said again the devices with the web interfaces are directly connected to my home network. These devices cannot be accessed outside of this network so it makes them secure. I use my VPN to connect to my network then access the web interface of these devices.

You seem to think VPN's are pointless so the other method would be for me to forward the port on my router and anyone with my IP address can access these over the web which would be stupid.

arciere · 21 November 2019 at 1:05AM

Takmon wrote: »

This stops people on the same unsecured Wi-Fi network from intercepting the data. Let's say someone wanted to harvest peoples data in an attempt get something they could exploit. They can setup an unsecured Wi-Fi network in a public place that appears to be the free Wi-Fi. People will connect to this and they can then start trying to get data. So if you use a VPN they will be unable to get any of your data at all.

It's so easy to do this that using a VPN eliminate this risk. Yes the data is sent from my home network over the open internet but you can't just randomly intercept this unless you have access to the servers it passes through.

So using a VPN stops the easiest way to harvest data by using public Wi-Fi networks.

Read what i said again the devices with the web interfaces are directly connected to my home network. These devices cannot be accessed outside of this network so it makes them secure. I use my VPN to connect to my network then access the web interface of these devices.

You seem to think VPN's are pointless so the other method would be for me to forward the port on my router and anyone with my IP address can access these over the web which would be stupid.

You seem to have completely ignored the part on HTTPS. Whatever you send over HTTPS (which is 95% of the commonly visited websites), cannot be intercepted because it's encrypted irrespective of the WiFi. You don't need VPN because it's useless, you already have an encrypted connection.
That being said, VPN have their place, and that's when you need to access otherwise inaccessible resources. I have been using VPNs daily for the past 15 years. The problem is when people use (and even pay for) VPN services for general browsing because they have no clue how they actually work and how you're not required, nor is advisable, to connect to a VPN provider before your open you bank's website. It offers absolutely no added protection.

psychic_teabag · 21 November 2019 at 11:32AM

arciere wrote: »

You seem to have completely ignored the part on HTTPS. Whatever you send over HTTPS (which is 95% of the commonly visited websites), cannot be intercepted because it's encrypted irrespective of the WiFi.

While https takes care of traffic once your device has chosen a web site to connect to, there's still the problem that a fake wifi access point controls (your access to) name resolution, and so can direct your browser to any website it wants. No point having a secure connection to a faked web server.

(FWIW I don't use a VPN.)

arciere · 21 November 2019 at 12:28PM

psychic_teabag wrote: »

While https takes care of traffic once your device has chosen a web site to connect to, there's still the problem that a fake wifi access point controls (your access to) name resolution, and so can direct your browser to any website it wants. No point having a secure connection to a faked web server.

(FWIW I don't use a VPN.)

That's a non-issue in my book. If you try to impersonate a website, you get warnings everywhere in regards to the website's certificate being untrusted. If, despite all the warnings, you decide to continue on that website, the weakness is not the system but it's you.

And by the way, nothing stops you from using your own DNS servers on a WiFi hotspot.

AndyPix · 25 November 2019 at 4:24PM

Takmon wrote: »

This stops people on the same unsecured Wi-Fi network from intercepting the data. Let's say someone wanted to harvest peoples data in an attempt get something they could exploit. They can setup an unsecured Wi-Fi network in a public place that appears to be the free Wi-Fi. People will connect to this and they can then start trying to get data. So if you use a VPN they will be unable to get any of your data at all.
.

The only data visible is that which is sent in plain text … ie next to nothing - almost every site that requires the exchange of information is protected by ssl these days (https) and so is encrypted anyway by its very nature.
And your best practices should dictate that you refuse to enter any info into a site that doesn't have the padlock sign in the browser anyway , so absolutely no need for a VPN in this scenario.

If you connect to a shady wifi (or indeed if your own wifi is cracked) then the things you need to worry about are arp cache poisoning, and the spoofing of your default gateway.
None of which a VPN will protect you from..

You kind of made my point nicely for me though, that those with a little knowledge about the subject, can spread the myth that VPNs are needed, by using words and terminologies that the layman doesn't understand.

Im not even sure that you understand it yourself tbh - otherwise you would not be pressing the point

To sum up - if you see the HTTPS at the beginning of your url, then the data is encrypted anyway - all a vpn will do is slow down your connection and ADD a point of potential insecurity

Takmon · 25 November 2019 at 6:48PM

AndyPix wrote: »

The only data visible is that which is sent in plain text … ie next to nothing - almost every site that requires the exchange of information is protected by ssl these days (https) and so is encrypted anyway by its very nature.
And your best practices should dictate that you refuse to enter any info into a site that doesn't have the padlock sign in the browser anyway , so absolutely no need for a VPN in this scenario.

If you connect to a shady wifi (or indeed if your own wifi is cracked) then the things you need to worry about are arp cache poisoning, and the spoofing of your default gateway.
None of which a VPN will protect you from..

You kind of made my point nicely for me though, that those with a little knowledge about the subject, can spread the myth that VPNs are needed, by using words and terminologies that the layman doesn't understand.

Im not even sure that you understand it yourself tbh - otherwise you would not be pressing the point

To sum up - if you see the HTTPS at the beginning of your url, then the data is encrypted anyway - all a vpn will do is slow down your connection and ADD a point of potential insecurity

Well i know that the purpose of a VPN is to securely access resources on a network that you don't want available publicly on the open web. This is why i setup a VPN at home to monitor devices on my local network. But maybe it doesn't offer as much additional protection for general web surfing like i thought.

debitcardmayhem · 25 November 2019 at 8:49PM

Takmon wrote: »

Well i know that the purpose of a VPN is to securely access resources on a network that you don't want available publicly on the open web. This is why i setup a VPN at home to monitor devices on my local network. But maybe it doesn't offer as much additional protection for general web surfing like i thought.

A VPN will not help with devices on your local network, you need firewalls for that

Takmon · 25 November 2019 at 9:28PM

debitcardmayhem wrote: »

A VPN will not help with devices on your local network, you need firewalls for that

I use the VPN to access the devices on my local network when I'm not at home.

debitcardmayhem · 25 November 2019 at 9:56PM

Takmon wrote: »

I use the VPN to access the devices on my local network when I'm not at home.

OK I didn't pick that up from you post, I have a router with its own VPN.

Is mobile banking more secure than desktop banking?

Comments

Confirm your email address to Create Threads and Reply

🚀 Getting Started

Categories

Is this how you want to be seen?

Get our FREE Weekly email full of deals & guides - and it’s spam-free