We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

What is the safest technical setup for online banking ?

1235710

Comments

  • sausage_time
    sausage_time Posts: 1,177 Ambassador
    Ninth Anniversary 1,000 Posts Name Dropper Photogenic
    Over 26 years for me!  Signed up for RBS Direct Banking by PC in July 1998.  This was tied to Internet Explorer.

    My first Amazon order was October 1999.
    I’m a Forum Ambassador and I support the Forum Team on the Credit Cards and Budgeting & Bank Accounts boards. If you need any help on these boards, do let me know. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.
    All views are my own and not the official line of MoneySavingExpert.
  • booneruk
    booneruk Posts: 591 Forumite
    Sixth Anniversary 500 Posts Name Dropper
    edited 29 November 2024 at 12:24PM
    GeoffTF said:
    Zanderman said:
    A banking app - designed by and for a bank - will by definition be more secure than a generic browser app not made for or by a bank.
    Who do you think is more technically competent, Google, Mozilla, Apple or your bank? Open source browsers are scrutinised by countless other eyes too. Enormous effort is put into browser security. Independent assessments usually find lots of security issues with banking apps.
    Google are competent, that's why I like their closed ecosystem and vetted app store on my phone.

    People can install dubious browser extensions that could get full access to their browsing. Other nasties could creep onto a computer that can compromise your security. Yes, most people won't just randomly be installing dubious stuff, but we know it happens.

    Phones are generally a closed ecosystem. Apps on a phone run in isolation from each other and are more secure by design.

    I know I'd trust a bank developed app downloaded from an official app store running on a non-rooted secured mobile device over a browser (but I do use both!). Apps will also have features such as "phone the bank" which can bypass the authorisation you'd have to go through on a normal call.
  • Monanore
    Monanore Posts: 60 Forumite
    10 Posts Name Dropper
    edited 29 November 2024 at 9:33AM
    All very interesting again.
    My conclusion so far - a mobile with banking app kept at home !!!

  • wmb194
    wmb194 Posts: 4,272 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Photogenic
    Monanore said:
    All very interesting again.
    My conclusion so far - a mobile with banking app kept at home !!!

    Or a tablet.
  • km1500
    km1500 Posts: 2,703 Forumite
    1,000 Posts Second Anniversary Name Dropper
    That is certainly true for what I would call high value bank accounts

    It might be worth having one bank account on your mobile phone that you have on you with maybe a card linked to it with not much money in it  because you may want to do some shopping and may need to authorize the purchase there and then

    An account like starling would be a good one because it allows you to set the overdraft limit to 0 via slider and so nobody can run up an overdraft if the account is compromised
  • GeoffTF
    GeoffTF Posts: 1,677 Forumite
    1,000 Posts Third Anniversary Photogenic Name Dropper
    booneruk said:
    GeoffTF said:
    Zanderman said:
    A banking app - designed by and for a bank - will by definition be more secure than a generic browser app not made for or by a bank.
    Who do you think is more technically competent, Google, Mozilla, Apple or your bank? Open source browsers are scrutinised by countless other eyes too. Enormous effort is put into browser security. Independent assessments usually find lots of security issues with banking apps.
    Apps on a phone run in isolation from each other and are more secure by design.
    Browsers are sandboxed nowadays:
    As I have said, you can run an immutable Linux distro if you wish, which eliminates any possibility of malware, except in the initial download and updates. These should, however, be cryptographically signed so that their authenticity and integrity can be checked.
    Making it necessary to use two separate devices to log into your account obviously increases security. Making it impossible to log into your account from anywhere but a single secure location obviously increases security too.
  • booneruk
    booneruk Posts: 591 Forumite
    Sixth Anniversary 500 Posts Name Dropper
    edited 29 November 2024 at 10:19AM
    I guess the OPs question "What is the safest technical setup" can be interpreted absolutely (hand installed Linux distros, dedicated uncontended internet connection, concrete bunkers etc) and also practically - "what is the safest practical technical setup".

    My Dad isn't going to want to mess about with Linux installs, finding obscure drivers, messing with the command line to get his eth0 nic working and dealing with kernel updates. He can, however, go buy an Android 14 phone and have immediate trust in that, the app store and the bank app he downloads - plus it will be supported and updated painlessly for years.
  • wmb194 said:
    Monanore said:
    All very interesting again.
    My conclusion so far - a mobile with banking app kept at home !!!

    Or a tablet.
    This is my approach, though mostly because I don’t think it’s necessary to have access to everything, everywhere, all the time….. My mobile is the device that receives passcodes, and has authenticator apps. But the apps themselves are on my tablet and I do my banking/lifemin there, when I sit down to do that.
  • Nasqueron
    Nasqueron Posts: 10,149 Forumite
    Tenth Anniversary 10,000 Posts Photogenic Name Dropper
    GeoffTF said:
    GeoffTF said:
    A mobile away from home is clearly more at risk than a dedicated PC securely locked away at home, particularly if it does not have security updates.
    Why is it?
    Excluding using public WiFi.

    Your using a mobile signal which is exactly the same no matter where you are.

    VPN. Who's to say that the supplier is not filtering info.
    Your phone can be snatched. It is easily accessed if it unlocked, and given the right resources could be accessed if it is not. If you use the same device for receiving security codes, you do not have proper 2FA. Most phones do not get security updates for long. Mobile phones are less prone to malware than Windows, but are not immune. A highly secure PC that is only used for online banking should be malware proof. The only ways in will be the original OS download and updates. They should be free of nasties, but there is no absolute guarantee. I have already mentioned immutable Linux. Another approach is to install Linux in a micro SD card and boot from that card only when using online banking. A micro SD card can be easily hidden. That is likely to be more secure than storing your PC in a safe.
    WiFi should not be an issue, because your communications with the bank are encrypted.
    One feature Google just added for the latest feature drop to Android for phones with motion sensors or something like that, is to automatically lock the phone if it detects sudden movement when the phone is unlocked - you can also remotely lock it if you have access to another device to do so.

    Any half decent Android phone provider now is offering 3 years of updates + at least a year of security, bigger ones like Google and Samsung are now doing 6. Apple of course offer 6 years too - given the number of Apple phone users in the UK, who are often the sort of younger people who will have their life on the phone rather than a PC, it's easily as safe as a PC

    Sam Vimes' Boots Theory of Socioeconomic Unfairness: 

    People are rich because they spend less money. A poor man buys $10 boots that last a season or two before he's walking in wet shoes and has to buy another pair. A rich man buys $50 boots that are made better and give him 10 years of dry feet. The poor man has spent $100 over those 10 years and still has wet feet.

Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 348.2K Banking & Borrowing
  • 252.1K Reduce Debt & Boost Income
  • 452.3K Spending & Discounts
  • 240.8K Work, Benefits & Business
  • 617K Mortgages, Homes & Bills
  • 175.6K Life & Family
  • 253.9K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 15.1K Coronavirus Support Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.