Online Banking

[halfpower]

How safe is online banking? There is the 128-bit encryption on the wireless network, and then there is the encryption used by the HTTPS protocol. This makes things safer, but not cracker-proofed. We live in a world where there are numerous trojans, key stroke loggers, botnets, worms, viruses, etc. There are botnets now that span across millions of computers. How can anyone feel safe while making financial transactions online?

 

[Bandit1]

Routine password changing,strong passwords,no caching passwords.There are alot of things one can do to help themeselfs.Certainly,a careless or lazy security minded pc user should'nt do this sort of thing online.I feel fairly safe about it,but the bottom line is my account is setup with limited options to begin with.Nothing is impossible to hack,really,but would someone really take the time that has those skills and find out you have 5$ in there,lol?

 

[Zugzwang152]

Originally posted by: halfpower
How safe is online banking? There is the 128-bit encryption on the wireless network, and then there is the encryption used by the HTTPS protocol. This makes things safer, but not cracker-proofed. We live in a world where there are numerous trojans, key stroke loggers, botnets, worms, viruses, etc. There are botnets now that span across millions of computers. How can anyone feel safe while making financial transactions online?

You realize that trojans, key stroke loggers, botnets, worms, and viruses have nothing to do with the fact that the transmission is encrypted right?

It's not how safe online banking is, it's how safe your computer is. The banks are doing a much better job than their average customer protecting their end.

 

[halfpower]

Originally posted by: Zugzwang152

Originally posted by: halfpower
How safe is online banking? There is the 128-bit encryption on the wireless network, and then there is the encryption used by the HTTPS protocol. This makes things safer, but not cracker-proofed. We live in a world where there are numerous trojans, key stroke loggers, botnets, worms, viruses, etc. There are botnets now that span across millions of computers. How can anyone feel safe while making financial transactions online?

You realize that trojans, key stroke loggers, botnets, worms, and viruses have nothing to do with the fact that the transmission is encrypted right?

It's not how safe online banking is, it's how safe your computer is. The banks are doing a much better job than their average customer protecting their end.

This is my point exactly. Banking customers could be getting trojans through USB drive. They can contract a virus simply by viewing a web page. I've even heard of malware contained in .WMA files that are masqueraded as .MP3 files. I get the sense that malware is extremely pervasive, and that most computer users are at risk.

 

[halfpower]

Originally posted by: Bandit1
Routine password changing,strong passwords,no caching passwords.There are alot of things one can do to help themeselfs.Certainly,a careless or lazy security minded pc user should'nt do this sort of thing online.I feel fairly safe about it,but the bottom line is my account is setup with limited options to begin with.Nothing is impossible to hack,really,but would someone really take the time that has those skills and find out you have 5$ in there,lol?

A botnet could have 100,000s of zombie computers. Even if you only have $5 in your account, it could potentially add up if enough computers are compromised.

 

[lxskllr]

That's why it's important to be aware, and to maintain your machine. You can what if all day about anything. I have full confidence that my machine is secure.

 

[Oakenfold]

Originally posted by: halfpower
How safe is online banking? There is the 128-bit encryption on the wireless network, and then there is the encryption used by the HTTPS protocol. This makes things safer, but not cracker-proofed. We live in a world where there are numerous trojans, key stroke loggers, botnets, worms, viruses, etc. There are botnets now that span across millions of computers. How can anyone feel safe while making financial transactions online?

There is always going to be risk, whether we are talking about the financial institution being compromised or your personal computing practices being the weak control. Financial institutions have been dealing with various forms of fraud since they were created, whether it's via ACH, Check, Pin or Signature based transactions there are rules in place that protect the consumer.

The question you should answer is what is your liability with your financial institution for transactions that you didn't authorize. I would recommend contacting your financial institution if you want specifics.

After you get your answer I think you will feel much better about online banking.

 

[bsobel]

Originally posted by: halfpower
How safe is online banking? There is the 128-bit encryption on the wireless network, and then there is the encryption used by the HTTPS protocol. This makes things safer, but not cracker-proofed. We live in a world where there are numerous trojans, key stroke loggers, botnets, worms, viruses, etc. There are botnets now that span across millions of computers. How can anyone feel safe while making financial transactions online?

Life is risk, its impossible to avoid risk, it simply needs to be balanced.

I feel just as safe as the risks of handing my credit card to an unknown waiter at a restaurent who may be paid $20 each to run it thru a scanner. Banking entails risk, but luckily the banks really do absorb most of that when fraud occurs. Worst case, I'm hassled but most likely to get my funds returned. For the banks its a cost of doing business and when that cost (fraud) is greater than the return (banks don't even bother trying to remove all fraud, as it would make legit transactions so cumbersome they'd lose cusotmers) they adjust. Things like SiteKeys (etc) are such an adjustment, a balance of usability vs security.

For really high value transactions I can employee things like a hardtoken where the keylogger on my box (if I have one) simply doesn't matter without the physical device.

 

[n0cmonkey]

Assume they already have your information (they do), and keep an eye out for bad transactions.

Use a machine solely for the purpose for personal finance purposes. Keep it up to date, and segregated as well as possible from your other machines.