We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
App based bank security
Comments
-
Does Quality Street still come in metal tins? So much more secure than the new plastic ones.Yellowman said:
I was seriously thinking about keeping my money as cash under the bed.1 -
Just started watching it. The QR code scan from an email opening on a remote machine boggled my mind. Do we know which online only bank it was concerning? Ive never seen QR code logins for anything financial.qbs said:Lots of interesting comments.
If anybody commenting hasn't watched the programme, please do and give your theories on how the various scams operated. Some were pretty obvious - a bit like hooking and playing a fish. The fast food woman at the beginning and the blonde woman at the end weren't so clear.0 -
Cynergy and Al Ryan use QR Code logins.0
-
Like many similar TV programmes of the ooh, wow, look at that etc variety, there's a lack of the critical information you need to make an objective assessment.P1Fanatic said:
Just started watching it. The QR code scan from an email opening on a remote machine boggled my mind. Do we know which online only bank it was concerning? Ive never seen QR code logins for anything financial.qbs said:Lots of interesting comments.
If anybody commenting hasn't watched the programme, please do and give your theories on how the various scams operated. Some were pretty obvious - a bit like hooking and playing a fish. The fast food woman at the beginning and the blonde woman at the end weren't so clear.0 -
What Al Rayan is doing is displaying a Cronto image on a desktop browser in order for the user to view online banking on a larger screen. The user still needs to log in to the Al Rayan app and then must scan the image using the app. The image is useless unless you have the user's logged in mobile device (which itself gives you full access to online banking).Yellowman said:Cynergy and Al Ryan use QR Code logins.
0 -
Quite right, nothing is foolproof, whether you're securing cash and valuables at home, doing your banking via branch, making card payments, using an ATM, walking around with a wallet and/or phone, writing cheques, telephone banking, online banking, app banking etc. Risk of loss can never be zero, so the pragmatic approach is to try to understand the risks, take reasonable precautions, and get on with your life. Where you lose money through liability of another party, then there is at least a prospect of recovering it from them, which is easier to do if you can show you took those reasonable precautions. We each have to choose which risks we take, as there is no risk free option.qbs said:It never ceases to amaze me how much faith people have in systems being foolproof. Sadly, there's no such thing, and clearly, there appear to be major flaws in some banking apps.
Anyone who thinks otherwise is deluding themselves.
The people creating these apps are unlikely to be any different from those who designed the Boeing 737 Max MCAS system, ignoring basic engineering principles and creating a sytem that was vulnerable to a single point failure.
3 -
masonic said:Yellowman said:Cynergy and Al Ryan use QR Code logins.
What Al Rayan is doing is displaying a Cronto image on a desktop browser in order for the user to view online banking on a larger screen. The user still needs to log in to the Al Rayan app and then must scan the image using the app. The image is useless unless you have the user's logged in mobile device (which itself gives you full access to online banking).
It still allows a remote user to log in by sending the code/image to the unsuspecting customer, who authenticates on their mobile and then scans the code, immediately granting the remote user account access, which was demonstrated in the show (it was a fintech).
1 -
Part of the problem is the illusion of security that banks create to protect themselves.masonic said:
Quite right, nothing is foolproof, whether you're securing cash and valuables at home, doing your banking via branch, making card payments, using an ATM, walking around with a wallet and/or phone, writing cheques, telephone banking, online banking, app banking etc. Risk of loss can never be zero, so the pragmatic approach is to try to understand the risks, take reasonable precautions, and get on with your life. Where you lose money through liability of another party, then there is at least a prospect of recovering it from them, which is easier to do if you can show you took those reasonable precautions. We each have to choose which risks we take, as there is no risk free option.qbs said:It never ceases to amaze me how much faith people have in systems being foolproof. Sadly, there's no such thing, and clearly, there appear to be major flaws in some banking apps.
Anyone who thinks otherwise is deluding themselves.
The people creating these apps are unlikely to be any different from those who designed the Boeing 737 Max MCAS system, ignoring basic engineering principles and creating a sytem that was vulnerable to a single point failure.
As an example, I've experienced problems with internet banking when I've been opening a new account.
It should be easy, but then comes the call from the bank's overseas call centre (you're bank will never call you???) to run security checks. First they want to go through security (your bank will never ask you security questions???), so that's a bit of a concern. However, I've found that giving them a wrong answer or two gives me the chance to reverse security check "the bank". It takes a bit longer, and they're not always amused, but it's my money and I'm paying them for the service so they can like it or lump it.
The rest of the process once they're happy that they're speaking to the correct person is a waste of time. There's nothing in the Q&A that gives me, the customer, any protection, but it protects the bank.
I've had calls that were barely audible or intelligible, which obviously raises concerns as to who is calling.
I raised the matter of these calls with my bank at executive level, and got nowhere.
I've got to the point now of carrying out such transactions by cheque now, if at all possible.
Going back to the TV programme, if some of those had reverse security checked the caller, they'd probably have had a shorter call and lost no money.0
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 353.5K Banking & Borrowing
- 254.2K Reduce Debt & Boost Income
- 455K Spending & Discounts
- 246.6K Work, Benefits & Business
- 602.9K Mortgages, Homes & Bills
- 178.1K Life & Family
- 260.6K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards