We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

What is the safest technical setup for online banking ?

Monanore
Monanore Posts: 60 Forumite
10 Posts Name Dropper
edited 28 November 2024 at 9:17AM in Budgeting & bank accounts
Those of us who avoid online banking may soon have no choice but to use it.  Given the current threat landscape, what is the safest set-up ?  So far here's what I think :
PC, definitely not smartphone.
Dedicated PC - no other uses or apps, no deviating from established urls, no links of course.
Not Windows.  But, Apple or Linux ??  With or without AV ?
VPN - is it safe to entrust money traffic to a 3rd party ?
What sort of protection for PC to router signal ?
I'd love to hear your ideas.
«13456710

Comments

  • wmb194
    wmb194 Posts: 4,221 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Photogenic
    edited 28 November 2024 at 9:54AM
    Monanore said:
    Those of us who avoid online banking may soon have no choice but to use it.  Given the current threat landscape, what is the safest set-up ?  So far here's what I think :
    PC, definitely not smartphone.
    Dedicated PC - no other uses or apps, no deviating from established urls, no links of course.
    Not Windows.  But, Apple or Linux ??  With or without AV ?
    VPN - is it safe to entrust money traffic to a 3rd party ?
    What sort of protection for PC to router signal ?
    I'd love to hear your ideas.
    Why are you avoiding it? Online banking is awesome. If you're really worried go for an Apple iPhone or iPad with face ID but the versions with touchID will be okay as well. An Apple Mac would be a possibly safer alternative to a Windows PC. The new M4 Mac mini for £699* is a great option. I use a Mac and don't worry about AV and on my Windows PCs I use the built in AV (but I don't go to dodgy sites). I don't bother with VPNs for banking.

    *Plus monitor, keyboard and mouse but you probably have these already.
  • Ergates
    Ergates Posts: 2,739 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    Monanore said:
    Those of us who avoid online banking may soon have no choice but to use it.  Given the current threat landscape, what is the safest set-up ?  So far here's what I think :
    PC, definitely not smartphone.
    Dedicated PC - no other uses or apps, no deviating from established urls, no links of course.
    Not Windows.  But, Apple or Linux ??  With or without AV ?
    VPN - is it safe to entrust money traffic to a 3rd party ?
    What sort of protection for PC to router signal ?
    I'd love to hear your ideas.
    Firstly - Smart phones are significantly more secure than PCs/Laptops.

    Realistically - the rest are excessively paranoid and unnecessary/irrelevant.

    You want a firewall (the one built into windows is fine these days) and an antivirus program.  Then: don't visit dodgy websites ; don't download random things from said dodgy websites; don't click on random attachments on emails that you weren't expecting.  That's it.

    Cases of peoples bank accounts being compromised by their PCs being hacked vanishingly rare.  Almost all such fraud is done by social engineering - someone phones up, pretending to be from your bank and persuades you to give them access to your bank accounts.  Just don't do that.

    There *are* people who have the skills and facilities to hack into your PC (without being invited in), but they're not going after random members of the public.  They'll be going after large companies and government departments.
  • MEM62
    MEM62 Posts: 5,078 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    Common sense is a better weapon against fraud than paranoia.  Nothing wrong with using a mobile phone or online banking in general for that matter.  Many that are subject to fraud have played some part in the process - i.e. been manipulated into providing information, transferring money, approving transactions etc - most in contrary to the advice and guidance given by banks.  
  • I've been banking online for 10 years now and it's amazing - fast and convenient. 

    Until recently, I was using a 2011 iMac without any problems and without any anti-virus. 

    I mainly use an Android phone and just keep the apps updated. 
  • Pretty much all of that sounds overkill, you just need to exercise sensible digital security principals. If you're on a PC then make sure you understand what programs and browser extensions you have installed - don't click on random links and don't install anything unless you know what it does. Banking apps are generally safer (unless you use a rooted device) as the smartphone environment is more locked down than typical PCs generally are.

    If you use a strong and unique password (ie. don't repeat passwords used for other site/services, use fully random alphanumeric + symbols and max out the allowed length) plus multifactor authentication (all banks require this anyway) then realistically the chances of getting "hacked" are very slim. You're more likely to fall for an identity theft scam where you either get your information scrapped from data breaches/social media, or you are fooled by scammers and unwittingly provide them with your information.
  • Exodi said:
    Why stop there? Why not have the terminal held in an underground bunker in an unknown location, which can only be accessed by performing gymnastics over lazer beams after going through armed guards.

    It is paranoia. The scams and stuff you hear about in the news are not from nefarious fraudsters in dimly lit rooms that wear sunglasses 'hacking' into peoples bank accounts without the persons knowledge, it's nearly always people sending their own money to scammers accounts, because they've been convinced it is for a legitimate reason.
    wmb194 said:
    Monanore said:
    Those of us who avoid online banking may soon have no choice but to use it.  Given the current threat landscape, what is the safest set-up ?  So far here's what I think :
    PC, definitely not smartphone.
    Dedicated PC - no other uses or apps, no deviating from established urls, no links of course.
    Not Windows.  But, Apple or Linux ??  With or without AV ?
    VPN - is it safe to entrust money traffic to a 3rd party ?
    What sort of protection for PC to router signal ?
    I'd love to hear your ideas.
    Why are you avoiding it? Online banking is awesome. If you're really worried go for an Apple iPhone or iPad with face ID but the versions with touchID will be okay as well. An Apple Mac would be a possibly safer alternative to a Windows PC. The new M4 Mac mini for £699* is a great option. I use a Mac and don't worry about AV and on my Windows PCs I use the built in AV (but I don't go to dodgy sites). I don't bother with VPNs for banking.

    *Plus monitor, keyboard and mouse but you probably have these already.
    Nice try, Tim Cook.

    In seriousness, I agree with the consensus that VPN's are pointless, I would actually go so far as to wonder whether VPN's would actively cause a lot of problems.

    When I used VPN's in the past, many websites were able to tell and warned about VPN usage. Similarly I expect banks would probably have an issue with VPN usage, as I suspect it is more understandable that someone using a VPN to show they're in the UK would not be in the UK.
    Ergates said:
    You want a firewall (the one built into windows is fine these days) and an antivirus program.
    Windows has AV built in also.
    VPNs themselves offer very little in added security, and mostly just serve to complicate things. Of course there are legitimate uses and for those applications they are invaluable, but the "encryption" they offer is no better than standard HTTPS in my view, and if your bank isn't already using this then you have bigger problems.

    As an aside, I had an issue several years ago where I had to call my bank through my banking app, and forgot that my VPN was set to somewhere outside the UK. The customer service agent (rightfully so) thought this was suspicious and froze my account, necessitating a branch visit to prove my identity.


Meet your Ambassadors

Categories

  • All Categories
  • 347.8K Banking & Borrowing
  • 251.9K Reduce Debt & Boost Income
  • 452.2K Spending & Discounts
  • 240.2K Work, Benefits & Business
  • 616.4K Mortgages, Homes & Bills
  • 175.4K Life & Family
  • 253.5K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 15.1K Coronavirus Support Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.