Would you do all your banking on your mobile phone?

The posting of this article is timely given the latest major hack on mobile phone transactions currently being illustrated in China where phoney mobile masts are used to intercept and relay messages. If your phone has been infected – and this can occur before delivery to you of your new phone, or by your own action, or a message from a friend -then your banking could be seriously endangered.

thehackernews.com/2017/03/rogue-bts-android-malware.html

” the Swearing Trojan has the capability to steal bank credentials and other sensitive information from victim Android devices and to bypass two-factor authentication by replacing a user’s legit SMS app with a malicious version that intercepts incoming SMS messages.
What’s more interesting? To avoid detection of any malicious activity, the Swearing trojan doesn’t connect to any remote command-and-control (C&C) server. Instead, it uses SMS or emails to send stolen data back to the hackers.”

Mobile banking I am afraid is a convenient but ultimately dangerous concept. The banks in their drive to make money are also introducing the 1 day clearing and I suspect this will – surprise surprise also be flawed – at this stage the banks will demand abolition of the cheques – or more to the point simply stop processing them. The wishes of the people and Parliament will be irrelevant.

As one who both studied auditing and worked as a banker I can tell you one of the ways to prevent fraud is to build in delays and checks . There are costs attached to any system. The immediate one for the Banks is to get everything electronic as that is cheaper for them.

As we know from the lending debacle in 2008 Banks are now working in the very short-term with executive bonuses to be considered. As the Banks are unable and unwilling to think of adequate security other than the latest promised secure system then the Government is not much better.

The Consumers Association, publishers of Which?, need to consider that in fact they need to do an in depth look from the consumer side of the fence as to the what-if scenarios that one can foresee and how customers will be affected. Reiterating what Banks put out and pretending everything is rosy and secure is doing subscribers no good whatsoever.

It is almost as though all those Wikileaks about cracking phones and systems does not indicate anything at all and what the NSA can do so can crooks. The story that two US multi-nationals were conned out of $100m over 2 years also shows even without hacking the systems have insufficient drag to allow humans the time to think and consider what is happening.

If we are to be forced towards an electronics only system then the safeguards for the elderly, infirm and incapable, the recovery method were Banks go off-line, and many other aspects need to be sorted NOW so we can be slightly reassured that policies are not being made on the hoof and all with a view to the profit margins.

We also need to consider that we need a parallel system – cash and cheques – which in the event of a major attack on the clearing system or the networks allows people to continue to buy food etc.

I use cash a lot because it is a demonstration of its utility and simplicity and aids budgeting. I do fear an entirely card/electronic system that is inherently vulnerable to outages or manipulation.

I only do online banking and have not been in a branch or used cheques etc for years. I freely switch from pc to phone to tablet using browsers and apps. Whenever possible i use credit cards and ideally contactless payments on my phone.
I have weekly emails to track transactions and alefts if balances go over/under set limits. Everything is set with direct debits or standing orders, but for ad hoc payments I’ll crack open their app to do it, even to setup the payee.
I cannot imagine banking without this freedom. There are various protections in place should anything go wrong, so my liability is trivial.
My only consideration is to turn on VPN if I am on a public wifi, or wait until I get back to 4g or home.

” Late last year, we ran an online survey of 9,076 Which? members – it suggested that more than half of under-40s would be happy to open a mobile-only account. ”

It must be a tribute to journalism that the Question: “Would you consider a mobile-only current account” translates to ” happy to open”. I can assure you that being happy to consider is not the same as happy to open.

I would therefore suggest that the article is flawed and quite possibly the survey – which we have no link to see the quality of the questions and the full data. I have a suspicion that this would be a web-based survey to those on the Connect panel who by the very nature might be regarded as the more computer literate.

It does seem a shame that Which? does not provide subscribers with the details of surveys when it is commonly acknowledged that surveys can be open to manipulation and misinterpretation and surely a consumers body should be demonstrating the transparent and open use of data.

Which? hasn’t been hesitant in coming forward to scandalise banks and other organisations that have caused major public dissatisfaction over their handling of data and security, so I wouldn’t accuse it of trying to conceal survey results in order to protect the banks or to follow a government agenda [if there was one]. I just think it’s a case of not wanting outsiders to apply detailed analysis to their more populist expression of apparent conclusions. We do have a tendency in Which? Conversation to grind things exceedingly fine which probably make some of the in-house researchers and writers a little uncomfortable. Personally I am all in favour of transparency and exposing deductions to external scrutiny, but as we all know mass surveys rely on simplicity, even to the point of being glaringly simplistic, in order to get enough people to complete them to produce a statistically significant response – riddled with flaws though it is. The interpretation and translation of the findings is pure journalism.

When Which? says ”Late last year, we ran an online survey of 9,076 Which? members . . .” I would put money on that not being the truth either. I suspect they surveyed twice or thrice that number but fewer than ten thousand had nothing better to do at that moment the remainder either giving up on it or ignoring it altogether. In the world of opinion research, abstaining does not count so it is not reported.

my plain answer is no to apps on mobile devices we are if we go down that road giving our rites away to privacy: one there is no guarentee you have a secure line and my second comment would be with the baboons currently serving in government and one i can name personally as the one and only amber rudd calling for all internet service suppliers to create a back door for agency’s to read and infiltrate messages and the like what message does this send to those who engaged in scamming and outright theft on the general populace i have been saying for years to my bank in particular there is absolutely nothing in place to protect the customers rights all the regulations are in favor of the vendors this needs to be changed as a matter of the utmost urgency