A Simple Way To Make Online Banking Safe. Really.

The City of London Police had considered asking financial regulators to make individual savers, rather than banks, liable for fraud losses.

The force was worried that the knowledge that someone else would pick up the bill reduced the incentive for bank customers to take proper precautions against online hackers.

In the end, the police, sensing that the public would see the proposals as letting bankers, our least popular citizens, off the hook at the expense of ordinary people, decided to take a different approach to the problem. A public education exercise will publicise the steps that those who bank online need to take to protect their computers from the hackers.

This initiative is entirely worthy, of course. But I think there’s a much better way to enjoy the benefits of online banking while keeping your money safe from fraudsters.

It is simply this: ditch your PC and get a Smartphone

This advice may sound counter-intuitive. Surely big, static computers, or even laptops, are more suited to serious uses such as running our bank accounts, while smartphones are the preserve of teenagers busily tweeting or texting their friends?

It’s a plausible argument, but wrong. Windows PCs are among the most versatile machines ever produced, but that versatility comes at a cost. Anyone can write a program that runs on a PC, and millions have been written over the years. All you need is the technical skill and a means of delivering it to the targeted computer. This applies even if your program is malicious, and indeed tens of thousands of such pieces of software have been devised over the years.

Some have been for the creator’s amusement, to cause disruption or to attract attention, but these days most are designed for stealing information or money.

It is possible to defend your computer against these malicious programs, but it takes an awful lot of effort. There is no single piece of hardware or software that will do the job; you need a multi-faceted approach including “firewall” software, an antivirus program and an operating system that is regularly updated with the latest improvements.

Keeping up with this is hard enough for computer enthusiasts such as me. For those who understand how a computer operates about as much as they comprehend the workings of a spacecraft, and especially if they are very elderly, the process must be utterly baffling.

It’s all very different with a smartphone. These devices have two crucial advantages when it comes to security. First, their software is far more modern, designed in a world in which the dangers of malicious software were thoroughly appreciated.

Second, and unlike the position with a PC, it’s not possible to load any old software on a smartphone. The only way to install a program on an iPhone or Android device is to visit the appropriate “app store”, and programs are allowed in an app store only once they have been vetted by Apple or the equivalent vendor.

If you own both a PC and a smartphone, the contrast between the hassle of keeping the former safe and the “just use it” feel of the latter is one of the joys of the handheld device.

There is a further point. Banks do have the right, although I’m not sure how often they use it, to refuse a refund for online fraud if you have not taken reasonable steps to keep your device safe. But if you bank via a smartphone app you are using your bank’s own software on a device that it has deemed safe enough to host it in normal circumstances. If a vulnerability should arise, it’s down to the bank, or Apple or other device maker, to provide the update needed to restore security.

So, whatever your age, if you want to bank online it’s time to step into the age of the smartphone.

Telegraph:              Just How Safe Is Online Banking?:
 

« Codebreakers: Cybersecurity School At Bletchley Park
How Much Do IT Graduate & Intern Jobs Currently Pay? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Cybereason

Cybereason

Cybereason provides real-time detection of malicious activity enabling you to identify the cause and scope of an attack and ensure an effective response.

HID Global

HID Global

HID Global is a trusted leader in products, services and solutions related to the creation, management, and use of secure identities.

ClickDatos

ClickDatos

ClickDatos specializes in consulting, auditing, data protection training, accredited by ISO/IEC 27001 certification.

CipherMail

CipherMail

CipherMail provides email security products which allow organizations world wide to automatically protect their email against unauthorized access both in transit and at rest.

Cansure

Cansure

Cansure is a leading insurance provider in Canada offering a broad range of property & casualty insurance solutions including Cyber & Data Breach insurance.

Advisera 27001Academy

Advisera 27001Academy

Advisera is a market leader in providing documentation and online support for the implementation of business standards including ISO 27001, ISO 22301 and EU GDPR.

ABS Group

ABS Group

ABS Group provides risk and reliability solutions and technical services that help clients confirm the safety, integrity and security of critical assets and operations.

Blue Hexagon

Blue Hexagon

Blue Hexagon is a deep learning innovator focused on protecting organizations from cyberthreats.

Neovera

Neovera

Neovera is a trusted provider of managed services including cyber security and enterprise cloud solutions, committed to delivering results through the innovative use of scalable enterprise-grade tech.

SIA Group

SIA Group

SIA Group, an Indra company, combines Consulting, Systems Integration and Managed Services in four specialized business areas: Information Security, Storage, IT Management and IT Mobility.

A&O IT Group

A&O IT Group

A&O IT Group provide IT support and services including IT Managed Services, IT Project Services, IT Engineer Services and Cyber Security.

Framatome

Framatome

Framatome Cybersecurity portfolio is directly inspired by its unique experience in nuclear safety for critical information systems and electrical systems design.

Digital Element

Digital Element

Digital Element is a global IP geolocation and intelligence leader with unrivaled expertise in leveraging IP address insights to deliver new value to companies.

Splashtop

Splashtop

Splashtop’s cloud-based, secure, and easily managed remote access solution is increasingly replacing legacy approaches such as virtual private networks.

Spera Security

Spera Security

Spera helps identity security professionals effectively and confidently measure, prioritize and reduce identity risk to better protect the organization from identity-based attacks.

Robust Intelligence

Robust Intelligence

Robust Intelligence enables enterprises to secure their AI transformation with an automated solution to protect against security and safety threats.