Chase - is my money safe

masonic

techwatcher said:

Quolh said:

techwatcher said:

Quolh said:

I have a similar (but not identical) question. The Chase app is secured by either a 6 digit code or fingerprint.

Is that really enough security for savings of up to £250k (I wish!!!).

Have I missed something because that feels far too risky.

Like all security regimes it is a balance between security and usability and only you can decide whether Chase's arrangements are 'far too risky'.

As others have said, authentication on the Chase app is similar to other banking apps. Communications between the app and Chase's infrastructure will be secure. For an attacker to access your funds they would have to:

1. Have access to your device.
2. Authenticate to your device, which is presumably protected by a strong passcode, fingerprint or FaceID.
3. Obtain your 6 digit code for the Chase app.

In my view it's unlikely that an attacker would be able to access your funds but ultimately it's your decision as to whether you accept the risk. 

Ok, sure.

Just for comparison though, the NatWest app requires an 8-digit code - a little better. First Direct however allows a lengthy alphanumeric & special characters password. Maybe First Direct are going over the top but that is much more secure and I'm surprised at the simple nature of Chase's approach.

Longer and/or complex passwords are more secure against guessing or brute-force attacks. However, that's not the most likely attack vector. The most likely attack vectors in these circumstances are probably shoulder-surfing or an attacker forcing you to reveal the code. In either case password length or complexity will make little difference.

Exactly. Debit cards are protected by a 4 digit PIN. The reason this is sufficiently secure is that someone must possess both the card and the PIN, and cannot guess more than a few times without being locked out. Just as someone must possess your phone and passcode to get into the app. Add a screen lock protected by a complex password and you'll have more protection that you do with any of your bank cards.

Sarah1Mitty2

Deleted_User said:

jackiepanda said:

Stupid question but I’ve opening a Chase acc current and savings and planning to shift my Marcus savings into Chase. Feeling hesitant is it safe ?? Just can’t risk loosing any of my hard earned cash.

Why do you feel one large US Bank is safer than another large US Bank?
It's like thinking Lloyds is safer than Barclays. 

Isn`t it more about a phone being easier to hack than another type of computer system, for various reasons?

Albermarle

Sarah1Mitty2 said:

Deleted_User said:

jackiepanda said:

Stupid question but I’ve opening a Chase acc current and savings and planning to shift my Marcus savings into Chase. Feeling hesitant is it safe ?? Just can’t risk loosing any of my hard earned cash.

Why do you feel one large US Bank is safer than another large US Bank?
It's like thinking Lloyds is safer than Barclays. 

Isn`t it more about a phone being easier to hack than another type of computer system, for various reasons?

I'm no techy, but I always understood your phone was more secure than your laptop, and more secure again if you use 4G rather than wireless. 

masonic

Sarah1Mitty2 said:

Deleted_User said:

jackiepanda said:

Stupid question but I’ve opening a Chase acc current and savings and planning to shift my Marcus savings into Chase. Feeling hesitant is it safe ?? Just can’t risk loosing any of my hard earned cash.

Why do you feel one large US Bank is safer than another large US Bank?
It's like thinking Lloyds is safer than Barclays. 

Isn`t it more about a phone being easier to hack than another type of computer system, for various reasons?

The biggest risk is that the savings are being moved from a savings account with restricted withdrawal options to a de facto current account. A phone is normally exposed to a wider range of risks than a desktop computer in a private residence. The impact of that would depend on the action or inaction of the user in securing their device and keeping it updated. I'm not sure if the OP uses their phone to log in to Marcus, they could do so via their web browser, even though it doesn't have an app.

k_man

Sarah1Mitty2 said:

Deleted_User said:

jackiepanda said:

Stupid question but I’ve opening a Chase acc current and savings and planning to shift my Marcus savings into Chase. Feeling hesitant is it safe ?? Just can’t risk loosing any of my hard earned cash.

Why do you feel one large US Bank is safer than another large US Bank?
It's like thinking Lloyds is safer than Barclays. 

Isn`t it more about a phone being easier to hack than another type of computer system, for various reasons?

While trying not to over generalise, this is only likely to be true if comparing:
an old unsupported, no longer updated mobile (e.g Android 8 or below), or a rooted mobile, with apps installed from unofficial sources
to
a PC on a supported OS, with latest updates installed, and with the user not running as an administrator

In most scenarios between, the mobile is far more secure

sebtomato

Sarah1Mitty2 said:

Deleted_User said:

jackiepanda said:

Stupid question but I’ve opening a Chase acc current and savings and planning to shift my Marcus savings into Chase. Feeling hesitant is it safe ?? Just can’t risk loosing any of my hard earned cash.

Why do you feel one large US Bank is safer than another large US Bank?
It's like thinking Lloyds is safer than Barclays. 

Isn`t it more about a phone being easier to hack than another type of computer system, for various reasons?

I think modern smart phones are more secure than the average computer/laptop.

For instance, device storage might be encrypted, and apps may only come from trusted sources/app stores. Usually not the case on many personal computers.

You are of course more likely to lose a phone than a computer, but if found, will probably be reset rather than hacked.