We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
What is the safest technical setup for online banking ?
Comments
-
I think that's the crucial point that I wasn't aware of. That the SMS code will also be available in the app on EVERY device.flaneurs_lobster said:If SMS codes are required then they are sent to your existing phone and copied into the banking app/website on the second device.0 -
Not sure I understand. The SMS is sent to one device* - a phone tied to a SIM card. The point @flaneurs_lobsterdanco said:
I think that's the crucial point that I wasn't aware of. That the SMS code will also be available in the app on EVERY device.flaneurs_lobster said:If SMS codes are required then they are sent to your existing phone and copied into the banking app/website on the second device.
was making that this could be manually copied to an app or login asking for it on another device.
*In theory you can view SMS messages on a web browser too. For Android phones this can be https://messages.google.com/web for example. But you need the original SIM device to be "paired" with the browser. Apple probably have something similar.I’m a Forum Ambassador and I support the Forum Team on the Credit Cards and Budgeting & Bank Accounts boards. If you need any help on these boards, do let me know. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.
All views are my own and not the official line of MoneySavingExpert.1 -
Yes, exactly right.sausage_time said:
Not sure I understand. The SMS is sent to one device* - a phone tied to a SIM card. The point @flaneurs_lobsterdanco said:
I think that's the crucial point that I wasn't aware of. That the SMS code will also be available in the app on EVERY device.flaneurs_lobster said:If SMS codes are required then they are sent to your existing phone and copied into the banking app/website on the second device.
was making that this could be manually copied to an app or login asking for it on another device.
*In theory you can view SMS messages on a web browser too. For Android phones this can be https://messages.google.com/web for example. But you need the original SIM device to be "paired" with the browser. Apple probably have something similar.
Windows machines have MS Phone Link pre-installed, lets you read SMS messages (and pretty much everything else) on a paired phone (certainly Android - dunno about Apple).1 -
The OP is over thinking this.....1
-
Safest will be the banking app with fingerprint or faceid activated2
-
That defeats the object of 2FA, which is the ensure that you need to have access to two different devices to make the transaction, which ensures that a hacker has to gain access to both devices in order to make a fraudulent transaction (or intercept the message in the case of SMS).flaneurs_lobster said:
Yes, exactly right.sausage_time said:
Not sure I understand. The SMS is sent to one device* - a phone tied to a SIM card. The point @flaneurs_lobsterdanco said:
I think that's the crucial point that I wasn't aware of. That the SMS code will also be available in the app on EVERY device.flaneurs_lobster said:If SMS codes are required then they are sent to your existing phone and copied into the banking app/website on the second device.
was making that this could be manually copied to an app or login asking for it on another device.
*In theory you can view SMS messages on a web browser too. For Android phones this can be https://messages.google.com/web for example. But you need the original SIM device to be "paired" with the browser. Apple probably have something similar.
Windows machines have MS Phone Link pre-installed, lets you read SMS messages (and pretty much everything else) on a paired phone (certainly Android - dunno about Apple).
0 -
No it doesn't - the second device has to be physically present too. It's linked to the first (in this example by Bluetooth). The first device is just being used as a second screen (and it makes it easier to cut'n'paste codes).GeoffTF said:
That defeats the object of 2FA, which is the ensure that you need to have two different devices to make the transaction, which ensures that a hacker has to gain access to both devices in order to make a fraudulent transaction.flaneurs_lobster said:
Yes, exactly right.sausage_time said:
Not sure I understand. The SMS is sent to one device* - a phone tied to a SIM card. The point @flaneurs_lobsterdanco said:
I think that's the crucial point that I wasn't aware of. That the SMS code will also be available in the app on EVERY device.flaneurs_lobster said:If SMS codes are required then they are sent to your existing phone and copied into the banking app/website on the second device.
was making that this could be manually copied to an app or login asking for it on another device.
*In theory you can view SMS messages on a web browser too. For Android phones this can be https://messages.google.com/web for example. But you need the original SIM device to be "paired" with the browser. Apple probably have something similar.
Windows machines have MS Phone Link pre-installed, lets you read SMS messages (and pretty much everything else) on a paired phone (certainly Android - dunno about Apple).2 -
2FA is to ensure that there are two factors involved, something you know (your password) and something you have (your laptop or phone) It would be a bit less secure if you had it linked but its still two factors.GeoffTF said:
That defeats the object of 2FA, which is the ensure that you need to have access to two different devices to make the transaction, which ensures that a hacker has to gain access to both devices in order to make a fraudulent transaction (or intercept the message in the case of SMS).flaneurs_lobster said:
Yes, exactly right.sausage_time said:
Not sure I understand. The SMS is sent to one device* - a phone tied to a SIM card. The point @flaneurs_lobsterdanco said:
I think that's the crucial point that I wasn't aware of. That the SMS code will also be available in the app on EVERY device.flaneurs_lobster said:If SMS codes are required then they are sent to your existing phone and copied into the banking app/website on the second device.
was making that this could be manually copied to an app or login asking for it on another device.
*In theory you can view SMS messages on a web browser too. For Android phones this can be https://messages.google.com/web for example. But you need the original SIM device to be "paired" with the browser. Apple probably have something similar.
Windows machines have MS Phone Link pre-installed, lets you read SMS messages (and pretty much everything else) on a paired phone (certainly Android - dunno about Apple).0 -
That's not the case for reading SMS via https://messages.google.com/web on Android. But the devices do need to be adjacent for initial pairing (via scanning a QR code).flaneurs_lobster said:
No it doesn't - the second device has to be physically present too. It's linked to the first (in this example by Bluetooth). The first device is just being used as a second screen (and it makes it easier to cut'n'paste codes).GeoffTF said:
That defeats the object of 2FA, which is the ensure that you need to have two different devices to make the transaction, which ensures that a hacker has to gain access to both devices in order to make a fraudulent transaction.flaneurs_lobster said:
Yes, exactly right.sausage_time said:
Not sure I understand. The SMS is sent to one device* - a phone tied to a SIM card. The point @flaneurs_lobsterdanco said:
I think that's the crucial point that I wasn't aware of. That the SMS code will also be available in the app on EVERY device.flaneurs_lobster said:If SMS codes are required then they are sent to your existing phone and copied into the banking app/website on the second device.
was making that this could be manually copied to an app or login asking for it on another device.
*In theory you can view SMS messages on a web browser too. For Android phones this can be https://messages.google.com/web for example. But you need the original SIM device to be "paired" with the browser. Apple probably have something similar.
Windows machines have MS Phone Link pre-installed, lets you read SMS messages (and pretty much everything else) on a paired phone (certainly Android - dunno about Apple).I’m a Forum Ambassador and I support the Forum Team on the Credit Cards and Budgeting & Bank Accounts boards. If you need any help on these boards, do let me know. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.
All views are my own and not the official line of MoneySavingExpert.0 -
Apple - IOS 18’s Continuity feature means that a passcode in an SMS sent to an iPhone will be presented on a Mac or iPad as an option you can pick in the dialogue box or from the bar above the keypad. It can also present some passcodes detected in emails.flaneurs_lobster said:
Windows machines have MS Phone Link pre-installed, lets you read SMS messages (and pretty much everything else) on a paired phone (certainly Android - dunno about Apple).
If you have your phone with you and see an SMS arrive, and you haven’t just requested a passcode, then react. If you’re not someone who always has their phone on them then disable Continuity.
Knowing where your device is, is the modern version of knowing where your wallet is.Fashion on the Ration
2024 - 43/66 coupons used, carry forward 23
2025 - 55.5/890
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 348.8K Banking & Borrowing
- 252.3K Reduce Debt & Boost Income
- 452.6K Spending & Discounts
- 241.6K Work, Benefits & Business
- 618.2K Mortgages, Homes & Bills
- 176K Life & Family
- 254.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 15.1K Coronavirus Support Boards