US Banks To Test ATMs Which Accept Your Smartphone Instead Of Cards (ibtimes.co.uk) 148
Dozens of banks in the US are updating their ATMs, or installing new ones, in order to allow customers to withdraw cash without using bank cards. A new cardless system will be rolled out at around 2,000 cash machines across the US, operated by at least 28 banks, including giants like Wells Fargo, Bank of America and Chase. Under the new system, people can order cash on an app on their phone, and then scan a code at the ATM to receive their money, all without inserting a card or entering a PIN. The developers of the system insist that smartphone technology makes for faster and more secure transactions. More banks are expected to adopt the technology soon.
Sounds a bit sketchy... (Score:5, Insightful)
I'm not really technically competent to make a valid argument against this, but my "gut" says... No! Maybe I'm just an ignorant Luddite that longs for my black rotary phone, but my uneducated imagination flows over with ideas and visions of how wrong this could go. My new ATM card has a chip, I'll stick with that for the time being.
Re: (Score:2, Insightful)
I'm betting it's that the banks see some sort of additional revenue stream from doing this. Maybe they think they'll get higher overdraft fees by making withdraws easier to screw up? Without the phone maybe liability lies with customer not bank, since without a PIN the customer has less of a case to claim it wasn't them who made the withdrawal?
Re: (Score:1, Informative)
I'm betting it's that the banks see some sort of additional revenue stream from doing this. Maybe they think they'll get higher overdraft fees by making withdraws easier to screw up? Without the phone maybe liability lies with customer not bank, since without a PIN the customer has less of a case to claim it wasn't them who made the withdrawal?
As a former Bank of America customer and employee, trust me they do not need any smart phone app or extra functionality to get higher overdraft fees. Let me tell you what Bank of America does to some people.. They regularly withdraw a percent of your account, play it in the stock market and make money on it and then put it back.. and if you are unlucky enough to try to withdraw from your account while they are doing this, you get an overdraft fee.. and they will add up before it shows up in the ledger that
Re: (Score:3, Informative)
This sounds like you fundamentally didn't understand how the "money market" account you had worked.
I'm not going to defend BoA here, but many people simply don't understand the difference between a savings account, checking account, and other "higher interest" accounts. Paypal is another example of a "money market" account. Never use a money-market account as anything other than a store of value, because you can, and likely will lose money if you repeatedly put money in it and take it out before any calcula
Re: (Score:2)
The banking apps I have on my phone don't allow persistent login, and automatically log out after a certain period of time without activity (and it's not very long). Someone would have to swipe the phone while it's logged in and continue performing activity within the app along the way to the ATM for that to work. It's not impossible, but it makes for a targeted attack, which lowers the odds of it happening.
Re:Sounds a bit sketchy... (Score:5, Insightful)
So basically, you give up your wallet and the threat of being mugged for the cash in your wallet for, hmmmm, for log in access to your phone banking account and transfer money or else and what happens after money transferred, how to keep you silent, hmmm, let me think. Yeah, nah, fuck off with the crazy idea of carrying around my bank account with my life being the guarantee of handing over the password and my life being in the balance when it comes to my not complaining about the illegal access to my account. Sure steal my cash, steal my credit card but stealing access to my bank account, that's real risky business. I'm thinking a T-Shirt, "My phone is not, absolutely not, linked to my bank account, please point your gun at the next available auto-teller". Swapping your phone for the ATM where you become an ATM.
Re: (Score:2)
_____________________
This aint fishy . It's a seafood platter
Re: (Score:2)
There are targeted attacks where people are told to withdraw some amount of money from the bank or their loved ones suffer the consequences.
Two cases here from 2015:
http://legacy.wbir.com/story/n... [wbir.com]
http://www.mansfieldnewsjourna... [mansfieldnewsjournal.com]
And here's one from 1992:
http://www.deseretnews.com/art... [deseretnews.com]
Using an ATM card isn't any safer, with robberies involving forced ATM withdrawals happening frequently. Fraudulent activity is covered by banking regulations and FDIC insurance.
Re: (Score:2)
Re: (Score:2)
You are there already - or at least most people are. When I turned on my smartphone the first time, it wanted a credit card number. This ostensibly so I can purchase "apps". Most people accept that, because they get themselves some nice $1 apps/games - no big expense.
I refused. As in "do that later" and never following up.
There are some cheapo apps I would like too. But I will NOT have my phone linked to a credit card. First, there are these "in-app purchases" they try to trick you into at every opportunity. I refuse to take part in that show. Then, there is rtb61 robbery scenario: someone mug me for my phone, simply to "buy" the mafia's $999 "app" and get some kickback? That is possible already, with the credit card link.
I'll happily buy some cheap apps the day I can use the credit card and not have the phone remember it. Similiar to how I use the credit card for web purchases - the browser/pc/os do not remember the number. I enter it everytime, someone stealing my PC would not get it. And "in-game" purchases won't happen from a PC/game with no idea of my payment details.
Can't you get both Apple iTunes and Google Play store gift cards from a brick and mortar store, paid with cash, to then use to buy apps?
Re: (Score:2)
All one needs to do is swipe the smartphone while it's unlocked, and clean someone out.
In practice, the only time someone has it unlocked is while they are using it. And you'd need to be in the bank app for it to matter. So the crook would have to be wandering public, looking for people using a banking app, then swipe the phone, and get to an ATM before the robbed person could call their bank.
Possible, but unlikely. When it's easier to make $500 making a table from scrap wood than to steal it with your method, you can expect that the number of thefts of that manner would be low.
Re: (Score:3)
In practice, the only time someone has it unlocked is while they are using it. And you'd need to be in the bank app for it to matter. So the crook would have to be wandering public, looking for people using a banking app, then swipe the phone, and get to an ATM before the robbed person could call their bank.
You just said it yourself. All the crook has to do is stand near an ATM and wait for somebody with a smartphone to use it.
Re: (Score:2)
You just said it yourself. All the crook has to do is stand near an ATM and wait for somebody with a smartphone to use it.
Or, you know, hold a gun or a knife to them and make them withdraw the max they can for you. You know, the traditional method.
Or attach a skimmer to the reader, so the inserted card goes through your reader before entering the machine, and you have a camera placed to catch the pin. Like what happens in eastern europe all the time.
Re: (Score:2)
How is that worse than just standing by an ATM and snatching cash or waiting for the user to enter their pin and mugging them?
Re: (Score:2)
Re: (Score:1)
Err... If you need to ask a question about banking, I'll do what I can to help you out. There's a lot that I don't know but I'm kind of familiar with it and I'm going to suggest that I'm probably a bit more familiar than you. Don't take that as an insult, you probably program far better than I. There are others here who can give you good information (better than mine) but separating the noise from the signal can be a bit rough.
Umm... They only give you that higher interest rate because they're using your mo
Re: (Score:1)
1. Lower costs: no need to snail mail new ATM cards every time someone loses one under the car seat. Monthly statements sent to your phone too.
2. Charge extra if you want paper statements or a plastic ATM card
3. Sell all the personal info the app collects to advertisers
Re: (Score:2)
Agreed. If the summary is to be believed, then it would be possible to:
* use app to order up cash and show the QR code
* take a pic of it with another phone (or screenshot and send it, or print it, etc)
* have someone else go pick up that cash
That almost sounds convenient, but it also means anyone that can scan that QR code from any of the many cameras that are everywhere, could re-generate the QR code and go snag your cash. It would also be a way to steal cash from someone, whether by force or by using their
Re: (Score:1)
could re-generate the QR code and go snag your cash. It would also be a way to steal cash from someone, whether by force or by using their phone while they're in the bathroom or something. No need for a pin... not a feature I want enabled for my account, thank you.
The problem that you're describing is called the replay attack and it's one that's easily solved by the addition of a nonce [wikipedia.org], which is basically a fancy cryptography term for a number or code that is used only once and then never used again. In effect the QR code is good for only one withdrawal, after that it will never be valid again. When this is combined with public key cryptography and one way hashing the QR code becomes both impossible to re-use or to forge.
Re: (Score:2)
I'm not referring to re-use or forgeries. I'm talking about theft.
Re:Sounds a bit sketchy... (Score:5, Insightful)
Re: (Score:2)
Re: (Score:2)
smartphones are cheap.
atm machines are not.
Re:Sounds a bit sketchy... (Score:5, Informative)
The phones are cheap, plans are prepaid (and cheap), it's safer than carrying cash, and the mobile networks are ubiquitous. While the US has only recently been getting on board with transferring money by phones, much of Africa has been doing it for years.
Example: A Samsung Note 2 (not the latest and greatest, but still a decent phone) from Jumia Kenya is 550 Kenyan shillings. According to xe.com, that's about US$5.39, based on an exchange rate of about 102 Ksh to the US dollar.
Being poor doesn't mean being disconnected. Poverty hasn't been a barrier to mobile phone use in other parts of the world for many years. Even in Afghanistan, cell phone towers are common even in the remote regions, because they get used.
Re: (Score:2)
It can also be noted that they are kept affordable by air time being prepaid, often a minute a time, and many of these applications are written to optimize their use of that time.
Re:Sounds a bit sketchy... (Score:5, Informative)
And those same poor people have money for a smart phone how exactly?
By working and getting paid for it. In much of Africa, you can buy a phone capable of financial transactions for less than $20 new, and less than $5 used. It is considered important enough that most households will buy a cellphone before they buy a TV or refrigerator.
It's the same as a credit card
You cannot use a credit card for peer-to-peer transactions, and a CC is much harder for a poor person to get than a cellphone.
while having dependency on some type of connectivity for the Cell.
You must be an American. In much of the rest of the world, cell coverage is ubiquitous.
Re: (Score:2)
This is for a basic Nokia rip off (not a genuine Nokia, that costs money). A smart phone will cost upwards of US$75 for a cheap Chinese model.
You cant use a phone for peer-to-peer transactions either. You will need, at the very l
Re: (Score:3, Insightful)
And those same poor people have money for a smart phone how exactly?
There are many millions of "poor" people in Asia and Africa with smart phones who are paying $3 to $5 per month for the same phones and better plans than those offered in the US. The idea that a phone, which can be manufactured for $40, should cost you $80/month for two years, subject to ridiculous throttling/caps/degradation of service, plus enormous fees if you try to switch carriers, is strictly an American concept and frankly I don't understand why you tolerate it. Throughout most of the world there are
Re: (Score:3)
Re: (Score:1)
You obviously never had a phone in Europe, the rates and phone prices are even worse than the US.
You obviously aren't European, if you're willing to make generalisations like that about 40-odd countries.
Re: (Score:2)
So eat a dick.
Re: (Score:2)
And those same poor people have money for a smart phone how exactly?
You do realise that not every smartphone costs $800 and comes with a Designed in the USA logo on it right?
People in China who feed a family of 3 for dinner with less than $2 typically have 2 smartphones between them.
Re: (Score:2)
And those same poor people have money for a smart phone how exactly?
You do realise that not every smartphone costs $800 and comes with a Designed in the USA logo on it right? People in China who feed a family of 3 for dinner with less than $2 typically have 2 smartphones between them.
Word.
People are ignorant, horribly ignorant, when it comes to things like this. I remember I asked a friend of mine from grad school to get me a copy of Knuth's books in India. I paid like a fifth of what I would have paid if I had bought them in the US. Pricing is "zonified" (if there is such a word.) The same shit that we have to pay $100 we can pay a fraction of it in another country without any loss in quality.
Re: (Score:2)
And your job is being outsourced to them.
Your job maybe. This is the thing. If your job can be commoditized, you are a commodity, and you will be outsourced. So the key is to always be on top of that shit and not let yourself be commoditized. Offshoring is not a new thing. It is just an extension of outsourcing.
And guess what? Outsourcing is not a new thing either. I've seen it in action for the last 25 years. So I don't get why people keep sounding the alarm as if that shit was new. It's like people that complain their jobs went to China... 15-
Re: (Score:2)
Re: (Score:2)
You are confusing your incorrect bias for reality.
Re: (Score:2)
All banks are SSC - it is the nature of the universe. There are probably references to the fact in Shakespeare's plays.
Re: (Score:2)
There you go again assuming if you don't know of something it must not exist. The perfect storm of ignorance and hubris.
Re: (Score:2)
And those same poor people have money for a smart phone how exactly? Me thinks you are confusing "cash" with credit cards and tech gadgets. Sorry, but it's not safer than a credit card. It's the same as a credit card, while having dependency on some type of connectivity for the Cell.
Me thinks traveling to a couple of countries will help you understand the answer to that question.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Many people in poor nations do not have access to banking facilities but they do have a mobile phone. Paying for things via your phone (as opposed to a card) is the normal way of doing business for a large chunk of the world's population.
Hi, it sounds like you've never been to a developing nation. Would you like some help?
You see, in developing nations people use these small pieces of paper or polymer with numbers on them to trade for goods and services. They do this because adding banks into the mix creates extra costs that must be passed onto the consumer. Seeing as they dont have much money to begin with, they opt not to use the bank.
It'll be the same with phones. You dont need any infrastructure to deal in cash, you'll need infras
Re: (Score:2)
I want universal translators and hypospray injectors next!
Jet injectors [wikipedia.org] have existed longer than most people here. Universal translators, on the other hand... are still very much a work in progress.
Re: (Score:1)
Sketchy? Mark my words, this will all end in tears.
Is apple involved? (Score:2)
obligatory (Score:2, Informative)
Choosing 'that' vs. 'which': http://www.dailywritingtips.co... [dailywritingtips.com]
no smartphone no cash (Score:2)
So now if I get mugged... (Score:3)
Not only do I potentially get assaulted, and all my stuff stolen, but they can drain my bank account too? Doesn't this just paint a big target on the back of anyone who carries a smart phone?
I like pay-pass, the way it works in aus is there's a maximum amount per transaction where you can use contactless without a pin. Hopefully it will be the same for this?
Re: (Score:2)
but they can drain my bank account too?
How did you reach that conclusion? The article only mentions the interaction between the phone app and the ATM works via barcode. It doesn't say what security is involved on the phone app.
Now how many times have you been able to log into mobile banking recently without using a password, one that is often longer / harder to guess than a 4 digit PIN?
Re: (Score:2)
Re: (Score:2)
What seems reasonable is reentry of the PIN at the ATM. Wave your phone, enter your PIN, withdrawal money.
Given you need to authenticate yourself to your mobile banking app in the first place in order to setup this money withdrawal what's the benefit of doing it twice?
As other's have pointed out any threat against this form of payment involves someone already having detailed access to banking accounts (assuming they are setting this up the same way as some banks already have).
Re: (Score:2)
Cardless cash (Score:4, Informative)
A version of this is already widely in use in Australia. Log into bank via smartphone, request amount of cash, receive code. Go to that bank's ATM, request cardless cash, enter code, ???, cash! I no longer carry a wallet, just my smartphone with 3-card slimline case containing my ID/drivers licence, public transport RFID card, and credit card. I'm able to slip a $20 in there too for the few remaining places who either don't take credit or charge a fee to do so.
Re: (Score:1)
So anyone who snatches your phone from you can drain money out of your bank account too?
Sounds like a great system!
Re: (Score:3, Informative)
Sure, all they need is my fingerprint to access the phone, know which bank I'm with, know that that I'm registered for cardless cash at said bank, my fingerprint again to access the app, and possibly my fingerprint again to request the funds.
But sure, a card and 4 digits is totally more secure.
Re: (Score:2)
So your phone and a finger? Not much different from right now I guess.
Re:Cardless cash (Score:5, Insightful)
I hate to break it to you, but it's not hard for a mugger to get your fingerprint. All they need is a knife....
Re: (Score:2)
If I'm suddenly in a position where losing a finger during a mugging is a genuine concern, I'll look into better protecting my hundreds of dollars.
Are there actual documented cases of small-time crooks in a civilized country using fingerprint harvesting off secondary sources to get into a smartphone? Maybe I just live in a country where tinfoil hats aren't so necessary.
Re: (Score:2, Insightful)
That's why you make sure at least two fingers get you into your phone. Or you could use a toe.
For the most part, a PIN is more secure than a fingerprint, but this is owing to the current level of accuracy in fingerprint readers. Like a gelatin (eg gummybear) finger can get into a fingerprint reader because it has just enough depth to look like a real finger, but fingerprint sensors could be improved to actually care about opacity and temperature to secure it better. So cutting a finger off wouldn't work, an
Re: (Score:3, Interesting)
Iris scans are irrefutable
From wikipedia: "Many commercially available iris-recognition systems are easily fooled by presenting a high-quality photograph of a face"
A high-quality photo of someone's iris is not hard to get. Celebrities, which tend to have money, are even used to people pointing big expensive lenses at them all the time. Anyone can pretend to be paparazzi.
And if they have some way of rejecting paper images - well, embed the iris image in a glass eye. A fake head, heated to body temperature is not hard to pull off.
Re: (Score:2)
Celebrities, which tend to have money
Kanye will be glad to hear he's safe.
Re: (Score:2)
Re: (Score:2)
Sure, all they need is my fingerprint to access the phone, know which bank I'm with, know that that I'm registered for cardless cash at said bank, my fingerprint again to access the app, and possibly my fingerprint again to request the funds.
But sure, a card and 4 digits is totally more secure.
You mean the finger print that is already on the phone because oil leaves the prints on the screen? Not sure how you can think this is safer when finger print scanners have been fooled by pictures.
https://www.google.com/search?... [google.com]
Re: (Score:2)
I'm still going to guess the $5 wrench (https://xkcd.com/538/) gets used more than whatever is required to fool TouchID in the time it takes me to register that my phone/card is missing and report it as such. I don't *think* I have a network of spies tracking my every move and lifting my prints off of water glasses in order to obtain my hundreds of dollars, but perhaps that's just because they don't *want* me to think that, right?
How do you paranoids ever leave the house?
Re: (Score:2)
You have to unlock your phone, start the banking app, login into the app*, click on the withdrawal button, choose the amount, get the code, scan the code on the ATM, and get your cash.
Wow! It's so much simpler and faster than inserting my card into the atm, punching my 5 digit PIN, clicking on the 20$ or 40$ (or whatever amount) fast withdrawal button, and getting my cash.
* I don't know how you do that for your bank's app, but mine asks for the 16 digits of my banking card, and a password. It takes a long t
Market will decide (Score:2)
By the time this new standard prevails there will be an approach using quantum encryption using Personal IDs.
Fie (Score:2)
DO NOT WANT. (Score:2)
Which 28 Banks? (Score:2)
Re: (Score:2)
http://www.nbcchicago.com/news... [nbcchicago.com]
I'm sure all the rest are right behind them.
Re: (Score:1)
This isn't new (Score:3)
Several banks here in Australia (the Commonwealth for one and I think also Westpac) have had the "get cash via a phone app" option for a while now (where you log onto the online banking app on your phone and get a code that you key into the ATM which will then give you cash without a card). Other banks (like the ANZ) are trialing a NFC solution where you can tap with your compatible NFC phone on a reader on the ATM instead of using your card.
There is no increase security issue with the cash-via-phone-app option as implemented by the Australian banks that have done it since the thief needs to steal your online banking password (and if they have that, they can transfer money via direct transfer to another account they control rather than risk being caught by an ATM camera withdrawing cash using this technology)
In fact the technology makes things more secure in that your account details cant be stolen by a card skimmer attached to the ATM.
No (Score:2)
In fact the technology makes things more secure in that your account details cant be stolen by a card skimmer attached to the ATM.
Impossible, and a BS justification. Okay, a card skimmer is not a problem, but a MITM attack and screen scraper app are possible on your phone and not on a credit/atm card. You are trading risks, and not in favor of the phone. Safer? Not a chance.
Kind of like everything else that goes 100% on line, it's more risk and prone to problems. But, we all get to pay for increased premiums to pay for damages so who cares right?
Re: (Score:2)
It's a different risk profile, but that does not necessarily mean more risk. In this case, the screen scraper app is going to hit far fewer users of the ATM than the card skimmer would, and it would probably be discovered quickly as the codes generated by an authorized user were used elsewhere and the user noticed money missing. Preventing this becomes fairly simple: make the code only work within some specific time and distance of where it was generated. If it has to be used within ten minutes and five
More BS (Score:2)
Seriously, stop and use your brain for a while. If the Phone is subject to a screen scraper, and the reader is subject to a similar app (think skimmer) then you have just doubled your points of entry for a bad guy. It does not matter how long the code is good for, because telecommunications is fast for bad guys too. Code must be used in X radius is not a huge restriction in a city. Maybe out in the sticks.
I can't stop the ignorant from thinking that on-line is secure, but I'm not going to fall for the g
Re: (Score:2)
The system in use by the Commonwealth Bank requires both a unique code (given to you by the app) and also a pin number sent to you via SMS (meaning a thief needs to be able to steal both numbers somehow). Oh and the codes are one-time-use only and expire after 30 minutes so the thief needs to be able to get to a Commonwealth Bank ATM within 30 minutes and hope the legitimate owner of the account hasn't used the code in the mean time.
So for a screen scraper to be useful the hacker would need to specifically
Re: (Score:2)
Ever walk up to a store where there's an armored truck idling outside? The crew is armed, and that's because the trucks are targets, with an attempt against them every so often. You don't see remotely that level of physical security involved with credit card transactions. Look at the marijuana stores in Colorado and Washington that have trouble getting bank accounts and consider the risks involved with all-cash transactions.
Your compromises almost exactly match mine (I wasn't lucky enough to be part of t
Re: (Score:2)
You have to chose the specific ATM to generate the code.
Re: (Score:2)
That makes it even more secure.
Re: (Score:2)
There's no more exposure than simply having online banking in the first place. If you have online access to your account, then MITM and screen scrapers are already a risk. Adding cardless cash support does not increase that risk appreciably.
Stolen card attacks via ATM are already a risk. Online banking is already a risk.
Most people who
Re: (Score:2)
Impossible, and a BS justification. Okay, a card skimmer is not a problem, but a MITM attack and screen scraper app are possible on your phone and not on a credit/atm card. You are trading risks, and not in favor of the phone. Safer? Not a chance.
I'll happily trade a risk for something I know and I'm in control of compared to something unknown that I can't control.
Want to keep your phone secure? Don't install shady apps.
Want to avoid your card getting skimmed? Don't use ATMs with card skim.... wait what does a card skimmer look like?
While you're at it if you steal my phone you still need my banking password. If you steal my credit card you can go nuts doing online purchases (it has happened to me before), or you can enjoy any number of sub $50 purch
When did I last visit an ATM? (Score:2)
I don't think I've pulled cash from a cash machine in at least five years. I hardly use cash, although I do tend to keep an "emergency" $20 in my wallet. But pretty much every store I frequent asks me if I want cash back whenever I shop anyway - no extra trip to the ATM needed.
SQRL? (Score:2)
https://en.wikipedia.org/wiki/... [wikipedia.org]
https://www.grc.com/sqrl/sqrl.... [grc.com]
Keep your phone secure, and the authentication scheme is really hard to break.
This is a game of pass the buck. (Score:5, Insightful)
Now it won't be their system which is insecure, it'll be your phone. This gives them another layer of defense against their often laughably bad security.
Re: (Score:2)
Now it won't be their system which is insecure, it'll be your phone. This gives them another layer of defense against their often laughably bad security.
Except that, according to federal law, they're liable for the fraud anyway.
To be precise, for ATM and debit cards (which this would be), your liability varies according to how quickly you report a lost or stolen card. $0 if you report the loss before it's used, $50 if you report the loss within two days after you learn about it, $500 if you report it within 60 days after your statement (containing fraudulent transactions) is sent to you. For a phone-based version, if it turns out to be vulnerable to attac
Your phone is your key (Score:2)
Your phone is your hardware key. With your phone in hand, they can assume (or ensure) that your authorization and identity are mostly guaranteed.
This is essentially what Apple did with ITunes and iPods; the iPod is a hardware key for access to DRM content. I assume it's the same with the iPhone/FairPlay video.
TouchID works on different principles, but the idea is the same: security is (mostly) guaranteed with hardware. Apple can guarantee authorization and identity with TouchID. That makes it a bit more dan
time to stop calling these things "smart phones". (Score:2)
seriously, phone calls is like 1% of what people use these things for.
in addition to being a portable gaming system, email device, messaging tool, web browser, photo/video camera, walkman, television, alarm clock, weather forecaster, pinball leveler, and about a million other things, the future of this device is clearly moving in the direction of replacing things like photo ID and credit card. the term "smartphone" does not fit. it's like calling a car a "smart chair".
Re: (Score:2)
At least almost everyone uses their smartphone to make phone calls, among other things.
But when is the last time you've actually seen gloves in a glove box?
Real advantages are as follows: (Score:2)
2) You are less likely to misplace your phone - and you will personally pay to replace it.
3) You can begin the transaction before you get to the machine, so if there is a line, in effect, it is faster.
4) I can enter the code on my phone, take a snapshot and email it to you, then you can go to my bank and take the money out of my account. I just made a no fee way to email cash, as long as I have it in the account.
5) If you don't have a de
Additional authentication (Score:1)
I would accept the phone as an *additional* authentication method, but certainly not as the only one. It shouldn't be hard to tie large purchases to a banking app for authentication. Heck, in a lot of places groundwork for this is partially in-place already:
* Various banks including my own allow you to increase your daily debit/transaction limit to nearly $10k if you call in to pre-authorize it for a set period. You still need the debit card and PIN of course
* My credit card company has periodically put a b
Oh great (Score:2)
...another vector for someone to steal my money, meddle with my finances, or break into my bank account.
Nothing could possibly go wrong with this idea. Because, you know, smartphones are SO secure and everything.
DO. NOT. WANT.
Finally! (Score:1)
Re: (Score:2)
Re: (Score:2)
They'll require a PIN still, you'll just need to enter it on your phone. So even if the attacker has access to the software, they'll still have to figure out the PIN which will likely lock the account after too many tries.