A Simple Way To Make Online Banking Safe. Really.

The City of London Police had considered asking financial regulators to make individual savers, rather than banks, liable for fraud losses.

The force was worried that the knowledge that someone else would pick up the bill reduced the incentive for bank customers to take proper precautions against online hackers.

In the end, the police, sensing that the public would see the proposals as letting bankers, our least popular citizens, off the hook at the expense of ordinary people, decided to take a different approach to the problem. A public education exercise will publicise the steps that those who bank online need to take to protect their computers from the hackers.

This initiative is entirely worthy, of course. But I think there’s a much better way to enjoy the benefits of online banking while keeping your money safe from fraudsters.

It is simply this: ditch your PC and get a Smartphone

This advice may sound counter-intuitive. Surely big, static computers, or even laptops, are more suited to serious uses such as running our bank accounts, while smartphones are the preserve of teenagers busily tweeting or texting their friends?

It’s a plausible argument, but wrong. Windows PCs are among the most versatile machines ever produced, but that versatility comes at a cost. Anyone can write a program that runs on a PC, and millions have been written over the years. All you need is the technical skill and a means of delivering it to the targeted computer. This applies even if your program is malicious, and indeed tens of thousands of such pieces of software have been devised over the years.

Some have been for the creator’s amusement, to cause disruption or to attract attention, but these days most are designed for stealing information or money.

It is possible to defend your computer against these malicious programs, but it takes an awful lot of effort. There is no single piece of hardware or software that will do the job; you need a multi-faceted approach including “firewall” software, an antivirus program and an operating system that is regularly updated with the latest improvements.

Keeping up with this is hard enough for computer enthusiasts such as me. For those who understand how a computer operates about as much as they comprehend the workings of a spacecraft, and especially if they are very elderly, the process must be utterly baffling.

It’s all very different with a smartphone. These devices have two crucial advantages when it comes to security. First, their software is far more modern, designed in a world in which the dangers of malicious software were thoroughly appreciated.

Second, and unlike the position with a PC, it’s not possible to load any old software on a smartphone. The only way to install a program on an iPhone or Android device is to visit the appropriate “app store”, and programs are allowed in an app store only once they have been vetted by Apple or the equivalent vendor.

If you own both a PC and a smartphone, the contrast between the hassle of keeping the former safe and the “just use it” feel of the latter is one of the joys of the handheld device.

There is a further point. Banks do have the right, although I’m not sure how often they use it, to refuse a refund for online fraud if you have not taken reasonable steps to keep your device safe. But if you bank via a smartphone app you are using your bank’s own software on a device that it has deemed safe enough to host it in normal circumstances. If a vulnerability should arise, it’s down to the bank, or Apple or other device maker, to provide the update needed to restore security.

So, whatever your age, if you want to bank online it’s time to step into the age of the smartphone.

Telegraph:              Just How Safe Is Online Banking?:
 

« Codebreakers: Cybersecurity School At Bletchley Park
How Much Do IT Graduate & Intern Jobs Currently Pay? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

GFI Software

GFI Software

GFI Software works with System Administrators, IT Professionals and IT Executives to ensure that their IT infrastructures are monitored, managed, secured and compliant.

MyCERT

MyCERT

MyCERT is the National Computer Emergency Response Team of Malaysia.

Zertificon Solutions

Zertificon Solutions

Zertificon is a leader in professional email encryption and data security.

Array Networks

Array Networks

Array Networks, the network functions platform company, develops purpose-built systems for hosting virtual networking and security functions with guaranteed performance.

Radically Open Security

Radically Open Security

Radically Open Security is the world's first not-for-profit computer security consultancy company.

DeuZert

DeuZert

DeuZert is an accredited German certification body in accordance with ISO/IEC 27001 (Information Security Management).

Italtel

Italtel

Italtel is a multinational ICT company that combines networks and communications services with the ability to innovate and develop solutions for digital transformation.

Huntress Labs

Huntress Labs

Huntress provides managed threat detection and response services to uncover and address malicious footholds that slip past your preventive defenses.

Cybersec Infohub

Cybersec Infohub

Cybersec Infohub is a Hong Kong government programme to enhance the exchange of cyber security information with industry and enterprises to jointly defend against cyber attacks.

Singular Security

Singular Security

Singular Security help public and private organizations minimize cybersecurity risk and pass their IT compliance audit.

Evalian

Evalian

Evalian is a data protection services provider. Working with organisations of all sizes, we specialise in Data Protection, GDPR, ISO Certification & Information Security.

Nisos

Nisos

Nisos provides unrivaled protection of your reputation and assets through the practice of Active Defense.

Celebrus

Celebrus

Celebrus Fraud Data Platform, by D4t4 Solutions, works with existing fraud structures to augment functionality and turn fraud management into true fraud prevention.

Alethea

Alethea

Alethea is a technology company helping companies, nonprofits, and democracies protect themselves from harms stemming from disinformation and social media manipulation.

StrongBox IT

StrongBox IT

Strongbox IT provides solutions to secure web applications and infrastructure.

Razilio

Razilio

Razilio is a boutique cybersecurity consultancy located in Sydney, Australia and serving the world.