Phone banking app, wifi vs data

I do some banking on my phone. I don't use wifi, I use data. Is this better than wifi, or is my info just as vulnerable when using data? 

Theoretically you're safer using data. If you were somehow induced to connect to a phony network (says it's Starbucks free wifi, but it's not) you could get bagged, but I'm guessing that bank apps are point to point encrypted anyway.

Your own network could be compromised too, but I don't find that super likely. Not impossible, not 1 in a million, but pretty damn unlikely.

Banks want you to use these apps, so I'd think they would make you whole if something happened- which is why you can't transfer a million bucks out of your account using the app. They limit their exposure.

Just out of curiosity, why do banks (and really many businesses of all kinds) try to push people towards Apps?

Better than having you walk into a branch.  And they're pushing each  other to a large extent.

conandrob240 said:

Just out of curiosity, why do banks (and really many businesses of all kinds) try to push people towards Apps?

As ctrz says, Cheap! Cheap cheap cheap. 

A digression- or perhaps expansion: this is the theme for the next 20 years or more in employment, especially (not a political comment) because of the wage movements occurring around the country. 

Jobs would always be taken by automation anyway, but the wage pressure will accelerate that. Robots (being somewhat facetious but not entirely) don't need raises, sick days, vacations, or paid leave. They are long run cheaper to operate than humans are to employ, by and large. Their up front costs are higher (generally) and they can't do what humans do in complex tasks but they're getting better.

Labor and technology are always at odds in this sense- to the extent that robots become the cheaper option to labor in one way or another, the incremental flow of capital is to the robots. 

After the financial crisis one of the aspects of the sundry stimulus packages was accelerate depreciation for equipment for tax purposes. The hope was that would goose capital expenditures and keep the economy moving a bit. Labor, organized labor at least, had a cow, because a ton of people were out of work, and tax breaks made the robots incrementally more attractive to "hire" than humans. 

So this is a potential unintended consequence of all the calls for minimum wage, paid leave, healthcare whatever. As you make humans more expensive, you make them a less attractive option. Working from the other direction, as robots get cheaper and better, they become more attractive. 

Both those lines are moving in the direction they're moving no matter what-technology marches forward. But it may go faster than economics would expect due to shifts in costs- which can be really bad, because if a job goes away over 5 years rather than 20, the humans in that job have no, or less, time to prepare or re train.

This can lead to really unhappy people! 

So yeah- banks want you to use apps for the same reason they wanted you to use ATM.... And as CTRZ says, they are pressured by competitors to do so. These apps will absolutely lead to fewer jobs for tellers marginally, but hopefully they can catch on with more highly skilled jobs in the industry after receiving training.

i would think your private home wifi is fine, but I would never use public free wifi for any banking

I do all my banking by mail. For security.

jmitw said:

i would think your private home wifi is fine, but I would never use public free wifi for any banking

I don't use public wifi, and for some reason my wifi signal at home slows down the phone considerably, so I don't use it at home either.  I have my wifi shut off and only use data.  Since I don't stream videos or download music on my phone I don't use a lot of data, so having the wifi turned off makes sense for me.  

I only ask because a relative now refuses to do online phone banking outside of their home.  To me, that defeats the purpose of having the phone app, as the full desktop version of the website would be easier to use if you're only using online banking at home anyway.  They use wifi on their phone when out, but I don't know if they use public wifi, or if they use ones they need to log into.

So it's cheaper for a bank to develop and maintain an app than it is for you to use their website? I wasn't talking about vs. going into a branch. I use an internet based bank and I am constantly asked to switch to their app, that's why I was wondering. I haven't physically been in a bank for years. And it always astounds me how many bank branches keep popping up. If anything, I would think far FEWER people are live banking.

People will attack the weakest point, so if someone wants your banking information they're getting it from the bank. People work in the bank and people give information to others.

All bank websites and transactions in an app are going to be end to end encrypted, which means that no one can decode the transmission if it's intercepted (with one major exception that I'll go into below to just be complete on the subject). There is no known way around the sort of encryption used, so there's no reason to even avoid using public wifi.

There's also no reason to assume that your home wifi and home network are secure, especially if you're not actively patching your router and computer.  These days it is safe to assume that phones are more secure than computers, as the variety of real malware in the wild is much lower (i.e. largely nonexistant) on phones.

The exception to being safe about end to end encryption would be if you're using a computer at an office, or a shared computer, it's possible that the business has a firewall that is capable of acting as a man in the middle and decrypts and reencrypts your secure data. This is usually done because the employer wants to stop people goofing off at work, but it also means that they see all the web traffic that's happening. In order for this to work without popping up a certificate error, the certificate for their device needs to be added to a computer. In the case of a business they add their certificates automatically.

That's an attempt to try and keep things simple at least. But to sum up, I would use a phone for banking over a computer and wouldn't worry about interception under the assumption that the program is encrypting the data. You should be able to verify this with your bank.

(Well, I should also say that I use my computer for banking, because I'm not paranoid. I'm just trying to come up with guidance for paranoid people!)

conandrob240 said:

So it's cheaper for a bank to develop and maintain an app than it is for you to use their website? I wasn't talking about vs. going into a branch. I use an internet based bank and I am constantly asked to switch to their app, that's why I was wondering. I haven't physically been in a bank for years. And it always astounds me how many bank branches keep popping up. If anything, I would think far FEWER people are live banking.

LOL oh do I prattle on then!!

I think it's as simple as people spending more time on mobile devices than their desktop. 

As far as why they keep opening branches- most people still open accounts face to face, and they still transact "big ticket" bank business in person. If you get the rent right, staffing is light, so if it's an affluent area it's a pretty good revenue generator. 

Lots of banks have the equivalent of financial advisors in branches now, so they can get a piece of revenue from there ("hi conandrob? My private banker just told me you deposited another $100000 in cash. Can you come in so we can discuss investing it for you?")

@qrysdonnell, encryption has improved a lot lately, but it's never a certainly secure thing. Things go wrong, and vulnerabilities are found. For encryption to work right, the algorithm must be complicated, and a complicated algorithm is understood only by a few people, and they can miss vulnerabilities even when looking for them. It's fair to say most banks use encryption that is very hard to crack and the likelihood of a crack is low, but I think it's irresponsible to tell anyone that it's absolutely 100% secure and nothing could ever happen.