Security for managing e-accounts when abroad

AndrewB

AndrewB

Well-Known Member
Joined
7 Jun 2001
Messages
5,877
Location
Dover/Corfu
Visit site
Sorry if this question has been answered before, but I can't spot it.

As we cruise around we are faced with managing our bank accounts and making largish VISA transactions via internet, using whatever hookup we can make. (Obviously the sites to which money transfers are made claim to be secure). I worry about the security of this, as potentially we could lose significant sums if any of these were cracked. The options available to us, in order of cost, are

1. Via my PC and mobile phone (with a local sim-card) to an international ISP (very expensive, and very slow).
2. Wifi with my PC, using a paid-for service, e.g. in post offices.
3. Internet cafe, their PC.
4. Wifi with my PC, freebie where we pick up a signal from an unsecured server.

Very grateful for any advice.
 
I would be very carefull using other's PCs as it's easy for swindlers to install a "keylogger" which logs your keystrokes to e file and consequently get your passwords and userids.

BB
 
A bit tangential but have you considered telephone banking? We've used this and xferred money in all kind of remote places. It is probably as quick if not quicker (in terms of connection time for a mobile) than doing it across the net.

Regarding use of PCs, personally, I wouldn't do any financial transactions from anything else using my own pc and connection to the net
 
I have always used telephone banking and even if someone somehow sees the keys you type in for security code it doesn't help them as they ask for a different number each time you phone. 8 digit code, they will ask for 2nd and 5th for instance.

It has always been easy and quick to use and you can track payments out and in as well as make payments easily. We had direct debit full balance payment set up on several cards.

The Internet is an open communication medium, I cant see how they can ever make it 100% secure, no doubt an IT expert will question this statement....
 
1) very secure, as everything will be encrypted, even in the unlikely event that someone with scanning equipment mangaged somehow to capture your transmission.

2) reasonably secure if the wifi link is using encryption, as again the transmission to the bank will be encrypted.

3) not secure, as it's possible that keyloggers installed as already mentioned. Though the instances of this are actually quite low

4) reasonably secure, as even if someone is monitoring, the transmission to the bank is encrypted.

All transmissions of data to and from the bank will be using high level encryption. Although in theory it's possible to break the encryption, it would take someone with exceptional knowledge and resources to actually do this. You are far more likely to lose money through someone spoofing an ATM machine, or simply reading your pin code with binoculars or over your shoulder at an ATM machine, so not worth losing sleep over.

The one option above I would not use is someone elses pc in an internet cafe
 
Have been using internet banking for some years and telephone banking for long time prior and entirely agree with your assessment.

To those claiming telephone banking is more secure I would suggest that is not so (and for myself I regard it as much less secure than internet banking).

With respect to credit cards and the internet, I regard secure sites as one of the most secure uses for cards - cannot see how handing cards over in shops, telephoning/faxing card details, etc is really any more secure myself as main risk is always the bod at the receiving end.

With respect to keylogging, was just a couple of months ago a series of cases here in my home city where PC's in internet cafes were found to be being key logged - was discovered when people found their bank accounts interfered with.

If forced to use anothers computer (for me that happens if I am in a client's office o/seas) I change the password straight after unless I know that the environment is secure (in which case I change it next time is convenient).

Is actually very easy here to set ones accounts up so it is very difficult (impossible?) for anyone to fraudulently get much or any money out via the internet - I assume it is the same in the UK. In the case of fraudulent credit card use here, it is the banks problem, not the cardholder's (unless the cardholder can be shown to have been careless - usually limited to willingly making the card and PIN available to another person and that leading to the fraud).

John
 
The other thing to do if using other peoples computers, is to delete caches and autofill, and not to accept the option to record the password. You do need to know what you are doing though, and the customer might not find this acceptable, especially if you delete his password file if he is the sort that relies on it to access sites as he cannot remember the passwords /forums/images/graemlins/smile.gif Not that I've ever been in this position! /forums/images/graemlins/blush.gif

UK Banks have extremely good security, despite a few well documented screw ups in the early days of internet banking. The processes in place these days negate these 'operator error' problems. I'd feel a great deal happier using internet banking abroad than even telephone banking. My job for years has been selling software to banks though, so I know their systems and processes, so probably more comfortable than most
 
Not sure if all banks do this but The Royal Bank of Scotland give me control numbers that I can use either on the telephone or by Fax. - A random group of letters and numbers in each group matched only by my branch and myself. For major transactions this system is pretty secure - better than date of birth - maiden names etc.
 
Not sure if it's the same thing, but Lloyds TSB have a nice system where in addition to username/password they ask for three characters from a longer phrase. That means that a keylogger will not work unless it monitors lots of different logins.
 
not the same thing I think - 2 cards are produced with 50+ sets of code - I have one and the bank has one - I have to quote the next code on the list and the bank has to recognise it as the next code - The bank keeps their hard copy in the vault! I have my hard copy kept... but nobody except me knows what the list is for - how to operate it - or by the way I mark the used codes - which one is next.... No computers involved - very simple and I suspect very secure.... Unless someone knows otherwise.

Would emphasise I only use this system for more serious monies - I use telephone or computer banking to make modest payments or move funds around etc
 
Hi Andrew,

We are cruising within EU at the moment, outside Europe some of what I will say may not be relevant.

1. Every possible UK account is set up for direct debit, minimising the number of transactions that we need to carry out personally.
2. Use a debit card, not credit, to avoid monthly payments or charges.
3. We occasionally use GPRS from the boat, with free ISP from the RYA. GPRS cost is relatively high but does overcome the security problem. Helps a lot if you set for no graphics, at least for bank sites that you are familiar with.
4. Use Onspeed. it really does work as they say, cuts online time to about a quarter of that without. We found it very effective with GPRS on a Nokia. Have not tried with pay-as-you-go yet but our French and Spanish SIM cards seem to offer cheaper GPRS connection than my UK Vodaphone.
5. We have a Dutch bank account in addition to UK. No charges for drawing Euros, whereas we are paying through the nose from our UK account.

Regards, Vyv
 
We've just worked through the same issue, and the best way to handle multiple email accounts. The best solution we found is to connect from a laptop via widely available and growing wi fi conenctions at cafes, hotels etc. That eliminates the risk of cache being retained on another computer and reduces the risk of spyware (if you check for these things regularly). Regarding email (which you didn't ask about but is useful to know), you can get around the limitations of web mail (and having to be online to compose) by using an smtp relay so you can send and receive from all your accounts from any internet connection through your usual mail client Gradwell smtp There are small gadgets you can buy cheaply that you can use to find wireless signals - saves you having to switch the laptop on to find out.

For banking we use Smile.co.uk - fast and reliable.

I have no connection with either company, other than using their services.
 
You must log in or register to reply here.

Share this page

Top