Is online banking safer or riskier than banking by phone and by visit?

[Brendan Burgess]

I moved this from another thread where a poster did not want to have online banking because of the danger - Brendan

My gut feeling is that you would be less open to fraud if you had online banking.

You could refuse to do any online payments which is what scares people most. They worry that if they put in a wrong digit on an account number, that their money will be gone forever.

You could check your balance more often. If you go into your branch and find that the balance is nil when you were expecting €50,000 and they told you that you had withdrawn €50,000 six months ago, it would be difficult to resolve.

This is probably unlikely, but the credit card is very vulnerable to old fashioned fraud. Again, if you checked the balance online, you would see it sooner.

But it's a good question. Which is more open to fraud - an account checked once every few months by phone or visit or an account checked frequently online.

Brendan

 

[arbitron]

Like a lot of people, I check my internet banking daily out of habit. Unlock my phone, click on the app, click login, tap my fingerprint, immediately see my balance and check for dodgy transactions. Less than 60 seconds and I have peace of mind. I get notifications for transactions and I have the option to instantly block my card if I lose it or if I see any fraud. Even when I am abroad I have access to everything 24/7.

There is no way that being analogue with banks (i.e. no phone banking, no internet banking) is safer or easier. Who has time to be phoning up, physically queueing, or waiting for a paper statement in the post?

If the bank had the phone service that some people want it would be wide open for abuse. Someone gets a few basic details about you and they can ring up impersonating you. The customers who want to be able to call the bank manager for a chat would be the first to complain about a data breach.

I don't think anyone is doing it on this thread but there is often an absurd infantilisation of older people or those from rural areas as if they are incapable of using technology. During lockdown I set up an elderly, visually-impaired relative with online banking on her tablet. She was reluctant but took the leap and now is delighted to be able to avoid trips to the bank. She doesn't do any transactions, she just uses it to monitor things. Banking apps are not the most beautiful and are not perfectly designed but they do the job. Anyone who can use AAM has no excuse.

 

[24601]

I think from a social engineering perspective online delivery channels vastly expand the modes of attack. So much info is available online via social media and through data leaks that scammers can really exploit these vulnerabilities efficiently, at low cost and with a low probability of being caught. People have their guards down in their own homes or going about their lives so when you remove the formality of a banking hall, tellers, ID etc., and you have someone convincing at the end of the blower relaying all your details back to you, it's very easy for people to give away their login credentials and follow out the instructions of the fraudster.

It's much harder to compromise an account that is wholly analogue, but those sort of accounts are functionally useless in 2023. The banks make their non-online delivery channels extremely difficult to access - which I think is fair enough to be honest - so unless you have hours to set aside every month to wait on hold or queue in a branch, then it's a non-runner. The risks associated with online are well worth it. Most people are pretty clued in so it's just about ensuring ongoing awareness at population level, especially when there are innovations in the types of attack doing the rounds.

 

[NoRegretsCoyote]

It's much harder to compromise an account that is wholly analogue, but those sort of accounts are functionally useless in 2023. The banks make their non-online delivery channels extremely difficult to access - which I think is fair enough to be honest - so unless you have hours to set aside every month to wait on hold or queue in a branch, then it's a non-runner.

Supposing you have a pension predictably going in, a few direct debits, an ATM card and a cheque book. You can check your balance via ATM every so often.

I think this is a sufficient service for many people and is very difficult for a fraudster to compromise.

 

[RedOnion]

Online banking isn't where fraud happens. The vast majority is through cards.

 

[LondonIrish]

My folks are in their 80s and have never adapted to online banking. I help them as much as possible but they are fearful of online transactions and find comfort in face to face interactions. That said, their local branch has long since closed and they have to travel to across several suburbs to do their banking which is problematic when both of them suffer from limited mobility. The downside is that they really don't know how much is in any account, or indeed have a realtime view of their finances. On this point alone I would consider them very vulnerable to fraud because it might be several months before they even realise that something has happened but at their age they are just not going to change how they do things.

 

[NoRegretsCoyote]

Online banking isn't where fraud happens. The vast majority is through cards.

While true, it lacks nuance. Card fraud is much more common but, when it occurs, fraud using electronic funds transfer is usually a much larger amount.

Card fraud is also on the decline as secure customer authentication is now standard. Fraud via social engineering is increasingly common and again more likely that electronic funds transfer is used in successful attempts.

 

[Fortune]

Check the balance regularly at an ATM? This approach would be simple to ruin with a card skimmer on an ATM.

 

[RedOnion]

While true, it lacks nuance. Card fraud is much more common but, when it occurs, fraud using electronic funds transfer is usually a much larger amount.

Card fraud is also on the decline as secure customer authentication is now standard. Fraud via social engineering is increasingly common and again more likely that electronic funds transfer is used in successful attempts.

When you exclude invoice redirection fraud, how much funds transfer fraud happens with a PSD2 compliant irish bank?

If I give you my login details to my AIB account, what can you actually do?

The absolute value of card fraud is increasing year on year globally. It decreased as a percentage of card transactions, but is still increasing in absolute value.

 

[NoRegretsCoyote]

When you exclude invoice redirection fraud, how much funds transfer fraud happens with a PSD2 compliant irish bank?

If I give you my login details to my AIB account, what can you actually do?

I am more familiar with trends than techniques but the BPFI has just said:

the continued rise in value of unauthorised electronic transfers (primarily payments through mobile and online banking) which accounted for almost 39% of fraud losses at €32.8m, but less than 4% of transaction volumes. Meanwhile, there was a 19% decrease in authorised push payment (APP fraud) transactions in 2022 compared to 2021, and APP fraud losses dropped by 41% to €9.9m, the lowest value since the data became available in 2019.

The absolute value of card fraud is increasing year on year globally. It decreased as a percentage of card transactions, but is still increasing in absolute value.

The latest ECB report on card fraud shows a decline in values in 2020 and 2021 in the EU as secure customer authentication has been rolled out. I would imagine this trend has continued.

So - and as I said - card is indeed the most common fraud technique. But EFT-related fraud is growing and the amounts involved are on average a lot higher.

 

[RedOnion]

The latest ECB report on card fraud shows a decline in values in 2020 and 2021 in the EU as secure customer authentication has been rolled out. I would imagine this trend has continued.

You're picking and choosing statistics now. Look at the BPFI report you used for your other point. Card fraud in Ireland peaked around 2016/17, but has been increasing again recently, with a 37% year on year increase in 2022.

Card fraud is much more common but, when it occurs, fraud using electronic funds transfer is usually a much larger amount.

When it occurs, old fashioned cheques are the highest average value.

 

[thedaddyman]

Online banking is a tool, just like phone banking and just like walking into a branch.


Fraud happens, it can happen online but you card can also be skimed in an ATM or a shop. You could stick to cash but there are plenty of conterfeits out there as well. Cheque can be intercepted and altered. Invoice fraud can occur.