Serious Discussion In the name of stronger security feature, the bank implements this

HarborFront

Level 72
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,134
It started with the bank OCBC

Earlier on some bank users got scammed by phishing resulting in the bank to fully reimburse all victims for money lost to SMS phishing scam


Now, in the name of stronger security feature, it has come out with the condition that its mobile banking app will only work if apps not installed from official stores like Google, Samsung, Huawei and Oppo are uninstalled


And backlash ensues




Following up all banks will soon be rolling out stronger security features too.

It's good to have stronger security feature for mobile banking but implementing in a high-handed manner by telling bank users to uninstall 3rd-party sideloaded apps is not the way to go. So apps from F-Droid, Droid-ify, github etc are unsafe? And apps downloaded from official stores are guaranteed 100% safe?


Luckily, I don't use OCBC mobile banking app otherwise I would not know what to do with my sideloaded apps. I just have to wait and see what stronger security feature my bank would come out with.

Some suggestions include running the bank app in a sandbox like Insular, Island, Shelter etc, get a separate dedicated phone for mobile banking only with no 3rd-party apps installed, install apps via ADB etc

I tried my mobile bank app downloaded from Google Play Store in Samsung Secure Folder but it won't work properly..............hang most of the time

If your bank implements this feature what would you do? Close the account and put your money in another bank?
 
Last edited:
F

ForgottenSeer 97327

If your bank implements this feature what would you do? Close the account and put your money in another bank?
There a few aspects to consider IMO

In EU there is already law that is related to using a device for its intended purpose, e.g. when you would 'dry' your cat in the microwave, you are not using this device for its intended purpose and become fully responsible for the consequences of these actions. Downloading apps from non-official sources could apply to such circumstances.

In the EU there is also law about warranties expiring when you brake the integrity of a device. The suppliers have to mention that in their warranties (when you open your phone, laptop, television, you probably loose your warranty). Rooting your phone could be considered ad breaking the integrity of your device. Rooting not only gives you access to heart of your device, but also any other app your are installing. So you are also increasing your risk profile.

Long story short: It makes sense that when you increase your risk profile, you loose warranties on security I am surprised that IT devices seem to have less usage restrictions than most consumer goods (which most people accept without asking or arguing), So no I would not change.

The only point of critique I have is that it is a half baked limitation: the stores are not 100% malware free and rooting your phone is potentially riskier.
 
Last edited by a moderator:
  • +Reputation
Reactions: piquiteco

JustInTime

Level 2
Feb 21, 2022
58
Downloading apps from non-official sources could apply to such circumstances.

In the EU there is also law about warranties expiring when you brake the integrity of a device. The suppliers have to mention that in their warranties (when you open your phone, laptop, television, you probably loose your warranty). Rooting your phone could be considered ad breaking the integrity of your device.
Well there is no such law in EU which states that rooting your phone would void its warranty.
@HarborFront didn't even mentioned rooting. It was just about using the apps that aren't on stores. Also if same thing happens on Windows, can they say you had software/browser installed from other than Windows Store.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top