Would you do all your banking on your mobile phone?

I take it that’s a NO from Duncan and it’s one from me as well. Since I don’t even have a mobile phone at the moment – and I am not missing it – it’s not actually an option. I do, however, bank on-line from time to time and prefer that to queuing up in a branch. But recently I had a number of things to sort out and was glad I could just pop into the branch and receive comprehensive and competent attention.

The posting of this article is timely given the latest major hack on mobile phone transactions currently being illustrated in China where phoney mobile masts are used to intercept and relay messages. If your phone has been infected – and this can occur before delivery to you of your new phone, or by your own action, or a message from a friend -then your banking could be seriously endangered.

thehackernews.com/2017/03/rogue-bts-android-malware.html

” the Swearing Trojan has the capability to steal bank credentials and other sensitive information from victim Android devices and to bypass two-factor authentication by replacing a user’s legit SMS app with a malicious version that intercepts incoming SMS messages.
What’s more interesting? To avoid detection of any malicious activity, the Swearing trojan doesn’t connect to any remote command-and-control (C&C) server. Instead, it uses SMS or emails to send stolen data back to the hackers.”

Mobile banking I am afraid is a convenient but ultimately dangerous concept. The banks in their drive to make money are also introducing the 1 day clearing and I suspect this will – surprise surprise also be flawed – at this stage the banks will demand abolition of the cheques – or more to the point simply stop processing them. The wishes of the people and Parliament will be irrelevant.

As one who both studied auditing and worked as a banker I can tell you one of the ways to prevent fraud is to build in delays and checks . There are costs attached to any system. The immediate one for the Banks is to get everything electronic as that is cheaper for them.

As we know from the lending debacle in 2008 Banks are now working in the very short-term with executive bonuses to be considered. As the Banks are unable and unwilling to think of adequate security other than the latest promised secure system then the Government is not much better.

The Consumers Association, publishers of Which?, need to consider that in fact they need to do an in depth look from the consumer side of the fence as to the what-if scenarios that one can foresee and how customers will be affected. Reiterating what Banks put out and pretending everything is rosy and secure is doing subscribers no good whatsoever.

It is almost as though all those Wikileaks about cracking phones and systems does not indicate anything at all and what the NSA can do so can crooks. The story that two US multi-nationals were conned out of $100m over 2 years also shows even without hacking the systems have insufficient drag to allow humans the time to think and consider what is happening.

If we are to be forced towards an electronics only system then the safeguards for the elderly, infirm and incapable, the recovery method were Banks go off-line, and many other aspects need to be sorted NOW so we can be slightly reassured that policies are not being made on the hoof and all with a view to the profit margins.

We also need to consider that we need a parallel system – cash and cheques – which in the event of a major attack on the clearing system or the networks allows people to continue to buy food etc.

I use cash a lot because it is a demonstration of its utility and simplicity and aids budgeting. I do fear an entirely card/electronic system that is inherently vulnerable to outages or manipulation.

I only do online banking and have not been in a branch or used cheques etc for years. I freely switch from pc to phone to tablet using browsers and apps. Whenever possible i use credit cards and ideally contactless payments on my phone.
I have weekly emails to track transactions and alefts if balances go over/under set limits. Everything is set with direct debits or standing orders, but for ad hoc payments I’ll crack open their app to do it, even to setup the payee.
I cannot imagine banking without this freedom. There are various protections in place should anything go wrong, so my liability is trivial.
My only consideration is to turn on VPN if I am on a public wifi, or wait until I get back to 4g or home.

” Late last year, we ran an online survey of 9,076 Which? members – it suggested that more than half of under-40s would be happy to open a mobile-only account. ”

It must be a tribute to journalism that the Question: “Would you consider a mobile-only current account” translates to ” happy to open”. I can assure you that being happy to consider is not the same as happy to open.

I would therefore suggest that the article is flawed and quite possibly the survey – which we have no link to see the quality of the questions and the full data. I have a suspicion that this would be a web-based survey to those on the Connect panel who by the very nature might be regarded as the more computer literate.

It does seem a shame that Which? does not provide subscribers with the details of surveys when it is commonly acknowledged that surveys can be open to manipulation and misinterpretation and surely a consumers body should be demonstrating the transparent and open use of data.

Which? hasn’t been hesitant in coming forward to scandalise banks and other organisations that have caused major public dissatisfaction over their handling of data and security, so I wouldn’t accuse it of trying to conceal survey results in order to protect the banks or to follow a government agenda [if there was one]. I just think it’s a case of not wanting outsiders to apply detailed analysis to their more populist expression of apparent conclusions. We do have a tendency in Which? Conversation to grind things exceedingly fine which probably make some of the in-house researchers and writers a little uncomfortable. Personally I am all in favour of transparency and exposing deductions to external scrutiny, but as we all know mass surveys rely on simplicity, even to the point of being glaringly simplistic, in order to get enough people to complete them to produce a statistically significant response – riddled with flaws though it is. The interpretation and translation of the findings is pure journalism.

When Which? says ”Late last year, we ran an online survey of 9,076 Which? members . . .” I would put money on that not being the truth either. I suspect they surveyed twice or thrice that number but fewer than ten thousand had nothing better to do at that moment the remainder either giving up on it or ignoring it altogether. In the world of opinion research, abstaining does not count so it is not reported.

my plain answer is no to apps on mobile devices we are if we go down that road giving our rites away to privacy: one there is no guarentee you have a secure line and my second comment would be with the baboons currently serving in government and one i can name personally as the one and only amber rudd calling for all internet service suppliers to create a back door for agency’s to read and infiltrate messages and the like what message does this send to those who engaged in scamming and outright theft on the general populace i have been saying for years to my bank in particular there is absolutely nothing in place to protect the customers rights all the regulations are in favor of the vendors this needs to be changed as a matter of the utmost urgency

I just opened an account with Revolut to take advantage of their fantastic foreign exchange rates. They were happy to take my money, but then locked my account “for security reasons”. I followed their instructions in the app but it repeatedly failed (with irrelevant error messages). So on to instant messaging help (the only type available). I explained the problem to their robot who responded with something useless and asked if I’d like to visit their website’s FAQ or contact a human. I’d already been through FAQ so obviously chose the human. 1.5 hours later there was a response but by that time I was elsewhere.
Tried again today. 17 minutes wait for a human response “let me get familiar with your case”. 13 minutes later “please take 4 photos as follows … for security”. No explanation of how to do this or that you need to go into Android Settings Apps Revolut Permissions and allow Revolut to access your camera. Took the photos. Now waiting again…40 minutes and counting.
I presume that these photos will permit Revolut to remove the block on my account.
Very poor app messages
Very slow IM service
No way to access your account via the web. App only.
Excellent exchange rates.
Overall, you should avoid Revolut until they have fixed their technology and changed their culture to be concerned for their customers

Only possible and accessible to online customers of course. The paperwork would become overwhelming otherwise. Isn’t life complicated enough without adding to it? On the other hand, we do draw cash from other banks ATMs I suppose………………..

You do remember HSBC was hit by by hackers in January -2016 ?? If you want to go back to -2012 HSBC + others were hacked even with their “secure ” types of anti-virus apps .straight off the -This is Money website , not even one of the hacker information websites I get info from . Don’t think Cloud Storage is impenetrable-it isn’t. Then we come to America where all this originates -Global Banking , the cover-ups are shocking but thank goodness for whistle-blowers.

I am sure some dont believe me so I found a simple explanation website -NYT . When the “Times ” is mentioned its the NYT. : http://www.pymnts.com/news/2015/how-hundred-banks-got-hacked-and-lost-900-million/ . The company that found out was Kaspersky -a Russian malware protection company . As usually with whistleblowers- now -2017 Congress is being pushed to ban Kaspesrkey in the USA. I do .of course have a mountain of other info on this subject.