We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
What is the safest technical setup for online banking ?
Monanore
Posts: 75 Forumite
Those of us who avoid online banking may soon have no choice but to use it. Given the current threat landscape, what is the safest set-up ? So far here's what I think :
PC, definitely not smartphone.
Dedicated PC - no other uses or apps, no deviating from established urls, no links of course.
Not Windows. But, Apple or Linux ?? With or without AV ?
VPN - is it safe to entrust money traffic to a 3rd party ?
What sort of protection for PC to router signal ?
I'd love to hear your ideas.
0
Comments
-
Er... a smartphone using banking apps is much more secure than any PC using banking websites on a browser.20
-
You do not need a VPN. Anyone that claims you do is selling snake oil. I could explain why you don't, but the explanation wouild be need to be very technical.Monanore said:VPN - is it safe to entrust money traffic to a 3rd party ?
Proud member of the wokerati, though I don't eat tofu.Home is where my books are.Solar PV 5.2kWp system, SE facing, >1% shading, installed March 2019.Mortgage free July 20237 -
Why are you avoiding it? Online banking is awesome. If you're really worried go for an Apple iPhone or iPad with face ID but the versions with touchID will be okay as well. An Apple Mac would be a possibly safer alternative to a Windows PC. The new M4 Mac mini for £699* is a great option. I use a Mac and don't worry about AV and on my Windows PCs I use the built in AV (but I don't go to dodgy sites). I don't bother with VPNs for banking.Monanore said:Those of us who avoid online banking may soon have no choice but to use it. Given the current threat landscape, what is the safest set-up ? So far here's what I think :PC, definitely not smartphone.Dedicated PC - no other uses or apps, no deviating from established urls, no links of course.Not Windows. But, Apple or Linux ?? With or without AV ?VPN - is it safe to entrust money traffic to a 3rd party ?What sort of protection for PC to router signal ?I'd love to hear your ideas.
*Plus monitor, keyboard and mouse but you probably have these already.1 -
Firstly - Smart phones are significantly more secure than PCs/Laptops.Monanore said:Those of us who avoid online banking may soon have no choice but to use it. Given the current threat landscape, what is the safest set-up ? So far here's what I think :PC, definitely not smartphone.Dedicated PC - no other uses or apps, no deviating from established urls, no links of course.Not Windows. But, Apple or Linux ?? With or without AV ?VPN - is it safe to entrust money traffic to a 3rd party ?What sort of protection for PC to router signal ?I'd love to hear your ideas.
Realistically - the rest are excessively paranoid and unnecessary/irrelevant.
You want a firewall (the one built into windows is fine these days) and an antivirus program. Then: don't visit dodgy websites ; don't download random things from said dodgy websites; don't click on random attachments on emails that you weren't expecting. That's it.
Cases of peoples bank accounts being compromised by their PCs being hacked vanishingly rare. Almost all such fraud is done by social engineering - someone phones up, pretending to be from your bank and persuades you to give them access to your bank accounts. Just don't do that.
There *are* people who have the skills and facilities to hack into your PC (without being invited in), but they're not going after random members of the public. They'll be going after large companies and government departments.
5 -
Common sense is a better weapon against fraud than paranoia. Nothing wrong with using a mobile phone or online banking in general for that matter. Many that are subject to fraud have played some part in the process - i.e. been manipulated into providing information, transferring money, approving transactions etc - most in contrary to the advice and guidance given by banks.2
-
I've been banking online for 10 years now and it's amazing - fast and convenient.
Until recently, I was using a 2011 iMac without any problems and without any anti-virus.
I mainly use an Android phone and just keep the apps updated.2 -
Pretty much all of that sounds overkill, you just need to exercise sensible digital security principals. If you're on a PC then make sure you understand what programs and browser extensions you have installed - don't click on random links and don't install anything unless you know what it does. Banking apps are generally safer (unless you use a rooted device) as the smartphone environment is more locked down than typical PCs generally are.
If you use a strong and unique password (ie. don't repeat passwords used for other site/services, use fully random alphanumeric + symbols and max out the allowed length) plus multifactor authentication (all banks require this anyway) then realistically the chances of getting "hacked" are very slim. You're more likely to fall for an identity theft scam where you either get your information scrapped from data breaches/social media, or you are fooled by scammers and unwittingly provide them with your information.4 -
Why stop there? Why not have the terminal held in an underground bunker in a secret location, which can only be accessed by performing gymnastics over lazer beams after going through armed guards.
It is paranoia. The scams and stuff you hear about in the news are not from nefarious fraudsters in dimly lit rooms that wear sunglasses 'hacking' into peoples bank accounts without the persons knowledge, it's nearly always people sending their own money to scammers accounts, because they've been convinced it is for a legitimate reason.
Nice try, Tim Cook.wmb194 said:
Why are you avoiding it? Online banking is awesome. If you're really worried go for an Apple iPhone or iPad with face ID but the versions with touchID will be okay as well. An Apple Mac would be a possibly safer alternative to a Windows PC. The new M4 Mac mini for £699* is a great option. I use a Mac and don't worry about AV and on my Windows PCs I use the built in AV (but I don't go to dodgy sites). I don't bother with VPNs for banking.Monanore said:Those of us who avoid online banking may soon have no choice but to use it. Given the current threat landscape, what is the safest set-up ? So far here's what I think :PC, definitely not smartphone.Dedicated PC - no other uses or apps, no deviating from established urls, no links of course.Not Windows. But, Apple or Linux ?? With or without AV ?VPN - is it safe to entrust money traffic to a 3rd party ?What sort of protection for PC to router signal ?I'd love to hear your ideas.
*Plus monitor, keyboard and mouse but you probably have these already.
In seriousness, I agree with the consensus that VPN's are pointless, I would actually go so far as to wonder whether VPN's would actively cause a lot of problems.
When I used VPN's in the past, many websites were able to tell and warned about VPN usage. Similarly I expect banks would probably have an issue with VPN usage, as I suspect it is more understandable that someone using a VPN to show they're in the UK would not be in the UK.
Windows has AV built in also.Ergates said:You want a firewall (the one built into windows is fine these days) and an antivirus program.Know what you don't6 -
VPNs themselves offer very little in added security, and mostly just serve to complicate things. Of course there are legitimate uses and for those applications they are invaluable, but the "encryption" they offer is no better than standard HTTPS in my view, and if your bank isn't already using this then you have bigger problems.Exodi said:Why stop there? Why not have the terminal held in an underground bunker in an unknown location, which can only be accessed by performing gymnastics over lazer beams after going through armed guards.
It is paranoia. The scams and stuff you hear about in the news are not from nefarious fraudsters in dimly lit rooms that wear sunglasses 'hacking' into peoples bank accounts without the persons knowledge, it's nearly always people sending their own money to scammers accounts, because they've been convinced it is for a legitimate reason.
Nice try, Tim Cook.wmb194 said:
Why are you avoiding it? Online banking is awesome. If you're really worried go for an Apple iPhone or iPad with face ID but the versions with touchID will be okay as well. An Apple Mac would be a possibly safer alternative to a Windows PC. The new M4 Mac mini for £699* is a great option. I use a Mac and don't worry about AV and on my Windows PCs I use the built in AV (but I don't go to dodgy sites). I don't bother with VPNs for banking.Monanore said:Those of us who avoid online banking may soon have no choice but to use it. Given the current threat landscape, what is the safest set-up ? So far here's what I think :PC, definitely not smartphone.Dedicated PC - no other uses or apps, no deviating from established urls, no links of course.Not Windows. But, Apple or Linux ?? With or without AV ?VPN - is it safe to entrust money traffic to a 3rd party ?What sort of protection for PC to router signal ?I'd love to hear your ideas.
*Plus monitor, keyboard and mouse but you probably have these already.
In seriousness, I agree with the consensus that VPN's are pointless, I would actually go so far as to wonder whether VPN's would actively cause a lot of problems.
When I used VPN's in the past, many websites were able to tell and warned about VPN usage. Similarly I expect banks would probably have an issue with VPN usage, as I suspect it is more understandable that someone using a VPN to show they're in the UK would not be in the UK.
Windows has AV built in also.Ergates said:You want a firewall (the one built into windows is fine these days) and an antivirus program.
As an aside, I had an issue several years ago where I had to call my bank through my banking app, and forgot that my VPN was set to somewhere outside the UK. The customer service agent (rightfully so) thought this was suspicious and froze my account, necessitating a branch visit to prove my identity.
3 -
use the banking app on a smartphone.
don't use the same PIN as you use to unlock the phone or indeed anywhere else
if you have a Samsung phone that supports it then put the banking app in the secure folder and secure that with a different pin again5
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.6K Banking & Borrowing
- 253K Reduce Debt & Boost Income
- 453.4K Spending & Discounts
- 243.6K Work, Benefits & Business
- 598.3K Mortgages, Homes & Bills
- 176.7K Life & Family
- 256.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards