A Simple Way To Make Online Banking Safe. Really.

Uploaded on 2016-12-12 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Financial

The City of London Police had considered asking financial regulators to make individual savers, rather than banks, liable for fraud losses.

The force was worried that the knowledge that someone else would pick up the bill reduced the incentive for bank customers to take proper precautions against online hackers.

In the end, the police, sensing that the public would see the proposals as letting bankers, our least popular citizens, off the hook at the expense of ordinary people, decided to take a different approach to the problem. A public education exercise will publicise the steps that those who bank online need to take to protect their computers from the hackers.

This initiative is entirely worthy, of course. But I think there’s a much better way to enjoy the benefits of online banking while keeping your money safe from fraudsters.

It is simply this: ditch your PC and get a Smartphone

This advice may sound counter-intuitive. Surely big, static computers, or even laptops, are more suited to serious uses such as running our bank accounts, while smartphones are the preserve of teenagers busily tweeting or texting their friends?

It’s a plausible argument, but wrong. Windows PCs are among the most versatile machines ever produced, but that versatility comes at a cost. Anyone can write a program that runs on a PC, and millions have been written over the years. All you need is the technical skill and a means of delivering it to the targeted computer. This applies even if your program is malicious, and indeed tens of thousands of such pieces of software have been devised over the years.

Some have been for the creator’s amusement, to cause disruption or to attract attention, but these days most are designed for stealing information or money.

It is possible to defend your computer against these malicious programs, but it takes an awful lot of effort. There is no single piece of hardware or software that will do the job; you need a multi-faceted approach including “firewall” software, an antivirus program and an operating system that is regularly updated with the latest improvements.

Keeping up with this is hard enough for computer enthusiasts such as me. For those who understand how a computer operates about as much as they comprehend the workings of a spacecraft, and especially if they are very elderly, the process must be utterly baffling.

It’s all very different with a smartphone. These devices have two crucial advantages when it comes to security. First, their software is far more modern, designed in a world in which the dangers of malicious software were thoroughly appreciated.

Second, and unlike the position with a PC, it’s not possible to load any old software on a smartphone. The only way to install a program on an iPhone or Android device is to visit the appropriate “app store”, and programs are allowed in an app store only once they have been vetted by Apple or the equivalent vendor.

If you own both a PC and a smartphone, the contrast between the hassle of keeping the former safe and the “just use it” feel of the latter is one of the joys of the handheld device.

There is a further point. Banks do have the right, although I’m not sure how often they use it, to refuse a refund for online fraud if you have not taken reasonable steps to keep your device safe. But if you bank via a smartphone app you are using your bank’s own software on a device that it has deemed safe enough to host it in normal circumstances. If a vulnerability should arise, it’s down to the bank, or Apple or other device maker, to provide the update needed to restore security.

So, whatever your age, if you want to bank online it’s time to step into the age of the smartphone.

Telegraph:              Just How Safe Is Online Banking?:
 

« Codebreakers: Cybersecurity School At Bletchley Park
How Much Do IT Graduate & Intern Jobs Currently Pay? »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Qualitèsoft Technology

Qualitèsoft Technology

Qualitèsoft Technology is a leading Software Development and Quality Assurance organization. We specialize in Custom Development, Mobile Application, Software Testing and Quality Assurance.

Bricata

Bricata

Bricata offers industry-leading IPS solutions for enterprise-wide threat prevention and unparalleled situational awareness.

My Data Recovery Lab

My Data Recovery Lab

We recover data from: HDDs, RAIDs, NAS, SSDs, USB Flash Devices, Desktop Computers, Mobile devices and other data storage media.

HorizonIQ

HorizonIQ

HorizonIQ (formerly Internap Corp / INAP) maximizes efficiency and innovation with flexible infrastructure solutions.

Nuspire

Nuspire

Nuspire provide services to protect your network with best-in-class managed detection and response, allowing you to stay focused on managing your business.

Yelbridges

Yelbridges

Yelbridges offer high quality IT security & risk management services to mitigate business risks.

SmartContractAudits.com

SmartContractAudits.com

SmartContractAudits.com is the leading platform for finding companies providing smart contract auditing services.

Ultratec

Ultratec

Ultratec provide a range of data centric services and solutions including data recovery, data erasure, data destruction and full IT Asset Disposal (ITAD).

Privakey

Privakey

Transaction Intent Verification. Privakey delivers a secure channel to streamline high risk transactions, enabling digital trust between services and their users.

Voodoo Security

Voodoo Security

Voodoo Security is a specialized information security consulting firm focused on security assessments, risk and compliance analysis, and cloud security.

Prescient Solutions

Prescient Solutions

Prescient Solutions is a managed services provider, using a cloud-based model to provide IT solutions to small, mid-sized, global organizations and government entities.

Prancer

Prancer

Prancer is the industry's first cloud-native, self-service SAAS platform for automated security validation and penetration testing in the cloud.

OpsHelm

OpsHelm

OpsHelm provides a Software-as-a-Service solution to help businesses ensure that all of their cloud environments have their security bases covered.

Acronis

Acronis

At Acronis, we protect the data, applications, systems and productivity of every organization – safeguarding them against cyberattacks, hardware failures, natural disasters and human errors.

InfoSec Brigade

InfoSec Brigade

InfoSec Brigade offers a suite of specialized solutions that help businesses to mitigate risk by integrating cyber and IT security protocols with business goals.

ModelOp

ModelOp

ModelOp is the leading AI Governance software for enterprises and helps safeguard all AI initiatives.