A Simple Way To Make Online Banking Safe. Really.

Uploaded on 2016-12-12 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Financial

The City of London Police had considered asking financial regulators to make individual savers, rather than banks, liable for fraud losses.

The force was worried that the knowledge that someone else would pick up the bill reduced the incentive for bank customers to take proper precautions against online hackers.

In the end, the police, sensing that the public would see the proposals as letting bankers, our least popular citizens, off the hook at the expense of ordinary people, decided to take a different approach to the problem. A public education exercise will publicise the steps that those who bank online need to take to protect their computers from the hackers.

This initiative is entirely worthy, of course. But I think there’s a much better way to enjoy the benefits of online banking while keeping your money safe from fraudsters.

It is simply this: ditch your PC and get a Smartphone

This advice may sound counter-intuitive. Surely big, static computers, or even laptops, are more suited to serious uses such as running our bank accounts, while smartphones are the preserve of teenagers busily tweeting or texting their friends?

It’s a plausible argument, but wrong. Windows PCs are among the most versatile machines ever produced, but that versatility comes at a cost. Anyone can write a program that runs on a PC, and millions have been written over the years. All you need is the technical skill and a means of delivering it to the targeted computer. This applies even if your program is malicious, and indeed tens of thousands of such pieces of software have been devised over the years.

Some have been for the creator’s amusement, to cause disruption or to attract attention, but these days most are designed for stealing information or money.

It is possible to defend your computer against these malicious programs, but it takes an awful lot of effort. There is no single piece of hardware or software that will do the job; you need a multi-faceted approach including “firewall” software, an antivirus program and an operating system that is regularly updated with the latest improvements.

Keeping up with this is hard enough for computer enthusiasts such as me. For those who understand how a computer operates about as much as they comprehend the workings of a spacecraft, and especially if they are very elderly, the process must be utterly baffling.

It’s all very different with a smartphone. These devices have two crucial advantages when it comes to security. First, their software is far more modern, designed in a world in which the dangers of malicious software were thoroughly appreciated.

Second, and unlike the position with a PC, it’s not possible to load any old software on a smartphone. The only way to install a program on an iPhone or Android device is to visit the appropriate “app store”, and programs are allowed in an app store only once they have been vetted by Apple or the equivalent vendor.

If you own both a PC and a smartphone, the contrast between the hassle of keeping the former safe and the “just use it” feel of the latter is one of the joys of the handheld device.

There is a further point. Banks do have the right, although I’m not sure how often they use it, to refuse a refund for online fraud if you have not taken reasonable steps to keep your device safe. But if you bank via a smartphone app you are using your bank’s own software on a device that it has deemed safe enough to host it in normal circumstances. If a vulnerability should arise, it’s down to the bank, or Apple or other device maker, to provide the update needed to restore security.

So, whatever your age, if you want to bank online it’s time to step into the age of the smartphone.

Telegraph:              Just How Safe Is Online Banking?:
 

« Codebreakers: Cybersecurity School At Bletchley Park
How Much Do IT Graduate & Intern Jobs Currently Pay? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Coro Cybersecurity

Coro Cybersecurity

Coro (formerly Coronet) empowers organizations to protect against malware, ransomware, phishing, and botnets - across devices, users, and cloud applications.

Suprema

Suprema

Suprema is a leading global provider of access control and biometrics solutions.

BlueKrypt

BlueKrypt

BlueKrypt is a consulting firm for the security of IT systems and their management.

ISMS Accreditation Center (ISMS-AC)

ISMS Accreditation Center (ISMS-AC)

ISMS-AC is the national accreditation body for Japan. The directory of members provides details of organisations offering certification services for ISO 27001.

Danish Maritime Cybersecurity Unit

Danish Maritime Cybersecurity Unit

The Danish Maritime Cybersecurity Unit is tasked with delivering the initiatives set out in the Cyber and Information Security Strategy for the Maritime Sector.

Fortalice

Fortalice

Fortalice provide customizable consulting services built on proven methodology to strengthen your business cyber security defenses.

Center for Education & Research in Information Assurance & Security (CERIAS)

Center for Education & Research in Information Assurance & Security (CERIAS)

CERIAS is one of the world’s leading centers for research and education in areas of information and cyber security.

Tapestry Technologies

Tapestry Technologies

Tapestry Technologies supports the Department of Defense in shaping its approach to cybersecurity.

Secureframe

Secureframe

Companies from startups to enterprises use Secureframe to automate SOC 2 and ISO 27001 compliance, complete audits, and continuously monitor their security.

Noetic Cyber

Noetic Cyber

Noetic provides a proactive approach to cyber asset and controls management, empowering security teams to see, understand, and optimize their cybersecurity posture.

Theta432

Theta432

THETA432 is a cybersecurity firm that provides 24/7/365 managed prevention, detection, response, Hybrid SOC, cyber defense monitoring services with dynamically defined defense (3D™).

McDonald Hopkins

McDonald Hopkins

McDonald Hopkins is a business advisory and advocacy law firm. We focus on insightful legal solutions that help our clients strategically plan for an increasingly competitive future.

Istari

Istari

ISTARI is a new kind of cyber risk management company. We’re an agile collective of best-in-class capabilities and experts, who build ongoing partnerships with clients.

FluidOne

FluidOne

FluidOne are an award-winning Connected Cloud Solutions provider. We design tailored solutions to help customers and partners digitally transform their IT and communications.

Mindsprint

Mindsprint

Mindsprint (formerly Olam Technology and Business Services - OTBS) are a leading edge technology and business services firm.

Buzz Cybersecurity

Buzz Cybersecurity

Buzz Cybersecurity systems and services are designed to proactively guard against common and uncommon cyber threats.