Online Banking: No way!
Why we will never do online banking and why others should not offer it, either.
▽Mar. 23, 2020|Charlotte Linss
securitymobile bankingcharlotte
Who is not familiar with this situation? We receive a bill, take out the cellphone, open the browser, quickly enter the bank details and – hey presto – the money is already transferred. So quick, so easy, so uncomplicated.
But wait! How safe is this entire process, actually, and which good reasons argue against online banking?
At first it is important to distinguish browser-based online banking from app-based mobile banking. Even though you can use both quickly and easily on the smartphone, there are major differences, especially when it comes to security. Let´s have a look at them below.
Current Situation
First, we want to consider the current market situation. Mobile banks such as N26 and bunq took up their work to revolutionize and simplify conventional banking. The modern user does not have to go to a bank branch in person anymore or access his or her online banking at the computer via a browser. Instead, she simply uses an app on the smartphone. So far, so good.
However, the users of the mobile banks were also acquainted with browser-based banking and increasingly asked if this wasn’t a great opportunity that makes it easier for the user to access his or her accounts from anywhere. Consequently, these mobile banks also introduced computer-based online banking.
Readers of our blog might ask themselves now: Will the offer of Puzzle2Pay at some point not only be mobile but also browser-based? Here the answer is a clear: No! – for the following reasons.
Online banking: What argues in favor of it
First and foremost, one decisive factor argues in favor of online banking: nowadays, customers expect it. It is convenient, flexible and overseeable and you can take care of your banking transactions within seconds, without having to step outside. It has been established in the market, is offered by almost every bank and is used by private persons, as well as by smaller companies. Handling the banking transactions online at the computer gives the user a good overview and thanks to the keyboard, input can be done halfway error-free.
Why you should reconsider it
All you need for online banking is an internet connection and a web browser. However, keep in mind that the internet is like the Wild West: you never know when the next assault will happen. In a way, you’re always in danger of losing control over your banking transactions - and in the worst case, your entire savings. This is mainly due to the fact that people are too seldom aware that open internet connections can easily be attacked.
For example, if you use online banking in an internet cafe or in an unknown WLAN network, you cannot be sure at all, that your personal data is protected. Attacks like DNS hijacking or homograph can be used for malicious redirections. This is how you end up on sites that are confusingly similar to the originals. Before you could turn round, you have entered your data in a field on a replica or copied website. Or you replied to a supposedly official e-mail. And this is bound to end in disaster.
Everybody has heard of phishing, but sometimes we like to regard ourselves as smarter than the rest - according to the motto ‘I know the risks, something like this could never happen to me, I have a secure password and always log out’ - and then you still walk right into the trap.
Ultimately, the - probably unsolvable - problem is that in an open environment such as the internet, you expect both security and freedom. However, we can only distinguish between both through visual impressions, which are manipulable at will.
Approaches to solve the problem, such as the telematics infrastructure introduced in the german health care system will ultimately fail because of a single black sheep that can unhinge the security of the entire system.
Mobile banking
Online banking is contrasted with mobile banking, which can also be processed via smartphone. Compared to online banking, this has several advantages, especially with regard to the security of user data. But there are also disadvantages, which mainly concern the user friendliness, as will be shown in the following.
Why it is a secure alternative to online banking
The customer uses his or her smartphone for mobile banking. This means that there is exactly one user per mobile phone, who usually protects his or her device with a password, to impede random access. Further authentication options include biometric data such as fingerprints or facial scans. This makes the smartphone a more secure terminal device than any computer, to which a large number of people often have access without really having to identify themselves.
If a customer decides to use mobile banking, she needs to install an app. Anyone can release a website, but getting an app into the app store requires more effort as they are typically moderated. This makes it much more difficult for fraudsters to release fake apps for phishing, even though it is not impossible.
Furthermore, the smartphone operating system can isolate the apps better from each other. Secrets of the app, such as the access data to the bank, will therefore not be seen by another app. For historical reasons, this strict separation is much more difficult to realize in the PC environment.
Disadvantages you can live with?
There are some inconveniences associated with using a smartphone as opposed to a computer with a keyboard and a mouse. Not having a keyboard can make data input slower and less accurate. In addition, there is no copy and paste option accross devices. Data can no longer simply be copied from the computer out of Word, Excel or other programs to fill out a bank transfer form. Furthermore, the screen of a smartphone is usually much smaller, which can make it more difficult to have an overview of a lot of data.
Ultimately, the advantages and disadvantages must be weighed against each other and you should decide for the option that suits you better. However, data security should always have the highest priority!
Outlook
Unfortunately, there is no really secure banking in the Wild West of the internet. Current solutions are at best good enough. We have therefore decided not to implement online banking ever, in order to avoid a false sense of security.
This leaves smartphones and tablets to make money transactions. In the long term, we also envision server-based solutions for small and medium-sized companies.