Your Search results will appear here

Friday 18 September 2009

A Common Sense Approach to cashless transfers?

While the convience of online banking has only touched me in the last few months, i have, for many years turned to the Internet for shopping. However i have always been very caucious about using my bank card, not just online shopping, but anywhere really where cashless transfers take place, hotels, bars.

However, is there a common sense approach to the problem. I dont have the answer so you decide. Below i will present to you a simple solution to help you combat fraudlent missuse of your cashless credentials.(I hope).

What i have used for the past 2 years is a quidity card, this is whats also known as a pre-paid credit card. There are lots of different pre-paid cards available now but i will be covering the QUIDITY card and my new addition my PAYPAL VISA card.


As you can see the Quidity card bears all the hallmarks of a normal bank/debit/credit card. The maestro logo verifies the card can be used for cashless transfers whereever the maestro symbol is present, including online!!You can even withdraw money from an caash machine with it. So whats the big deal, whats its unique selling point i hear you ask. How does it help you shop safely.

Ok heres how it works. You simply top up the card at your local post office or where you see the paypoint sign.


Click here to find your closest paypoint retailer




So for example you see a beutifal pair of shoes for the weekend night out, despite all the anti-fraud measures in place, you decide against using your bank details online. The shoes cost £45. Simply load £50 (to cover transaction fees) on to the card. All the fees and transactions will be explained in detail later.

Now go online and make your purchase, if for any number of reasons your transaction is intercepted by a fraudster, you will of already spent the money on the card, rendering the card useless to anyone even if they have intercepted your data.

Thursday 17 September 2009

The Banks Use Card-Readers Too

Ok so the last posts touched on the following subjects
  • Creating a secure password you can remember
  • The possibility of fraudsters intercepting mail from the bank
  • Changing your pin number regulary
  • Additional browser tools for those that use ebay and/or paypal
  • Signing up to verified by visa
  • Signing up to Mastercard Secure Code
This post is soley about card-readers and a list of banks that use them. The card readers issued free by the banks is a clever addition to tools used to fight fraud. Once you have setup digital banking, you can then use your card reader along with your bank card to authorise direct debits, standind orders amongst other things,online. In fact this is a brilliant piece of kit. I have to ask why people are not forced to use such a device before they can buy something online. Hmmmmmmm.

Due to increasingly sophisticated trojan software and malware in the wild the banks have had to up their game to in the fight against fraud and they have with the card reader

Rbs




This is the card reader issued by RBS, the item is free of charge and free to use and requires no conection to a computer. To recieve and use one of these you must sign up to rbs digital banking.

Common questions about this can be found here.




Nationwide card reader

This gem from nationwide stops the fraudsters in their tracks so long as you have a flexaccount VISA debit card. For every transaction made online you will need to verify the purchase with your card and card reader. Use this with verified by visa and you have exceptional fraud-prevention measures in place.
Register for Nationwide Internet banking here.
Information about the card reader is here.





Natwest card reader


If you dont have a debit card natwest will send you a internet banking card for use only with the card reader.
Debit card holders can use their debit card.

Information about the Natwest card reader can be found here.










I strongly reccomend all those that use online banking to order one of these from your respective bank.

Now i know this sounds patronising but some people will care to use such a thing once its too late. Fair enough, your loss not mine.

This method is still not foolproof as most people will not carry such a device around with them, restricting use to the home instead, still should be safer at home.

Online Shopping Card Not Present Fraud

A massive loophole in the online shopping area is Card Not Present Fraud which renders chip and pin useless. Card not present is proberly more of a threat today than card skimming. Consider this to order something online with your bank/credit card you dont need your pin number , a complete layer of account protection is removed, this is very bad indeed and means fraudsters only needs the info on your card that can be seen with the naked eye. If two fraudsters were strategically placed they could snap high quality images of your card as you took it out, they would then follow you, assuming the last place you stop is your home address and will attempt to misuse your credentials.

This is only effective in online shopping as when buying in a shop you need to present your card.

To replace this loss of account protection the big boys are stepping up
If your card bears the VISA symbol


You can use the verified by VISA service,which is free of charge to use and also protects retailers against missuse.
Sign up to Verified by VISA here





Alternately if your bank card bears the Mastercard logo.

You can sign up to the mastercard secure code scheme which adds additional layer of security to your online purchases. Sign up Here.



Once again the integrity of the systems used by mastercard secure code and verified by VISA realies on your antivirus software to be up to date. So You can see its not totally safe.

Pin Numbers

Okay ATM/cash machine fraud is a huge thing right now and almost everybody seems to know someone it has happend to.
The fraudsters use skimming devices which fit on the cash machine to steal your pin number. Watch this video from the BBC show the real hustle for an example of how it works.



See how easy it can be, all banks HSBC, Halifax, Natwest etc all information on there websites explaining how to safeguard your pin when using it at a machine, one thing i would strongly suggest that they dont is the regualy changing of your pin number like every time you use it, i know its not practical but hey i wont be loosing face. If you struggle to remember your pin an easy example would be the date 15/09/2009 if you use your card today why not change your pin to 1509, hey it might sound daft but its better than those that store it in their mobile phone or those that wright it down or worse use their year of birth.

Its easy to use the social networking sites to social engineer someones pin number, an example being you could set up a quiz for instance on facebook, telling people you could guess the number their thinking off........................(maybe if people nag i will post the rest of this )

Strong password Weak security

You could use my password story telling method to make an easy to remember 128 digit passsword although most online servers will only allow upto 32 digits including banks for use in a password you could make the strongest ever password known to man, however if your firewall/anti virus is not up to date chances are you will have some form of malicious software on your machine.

The reason for this is when buy your over-expensive laptop from pc world or dixons or microdirect it comes bundled with normally a 60 day trail of either norton or mcafee both are excellent but expensive.

The best solution is comodo which incorporates anti-virus and personal firewall, it is also free for life, those of you reading this blog who know me personally will know i fully support comodo.
Download comodo here


I also recommend using malware bytes anti malware along side comodo



If you use Ebay i recommend using the firefox edition which you can download here, which ensures you are signing into a genuine ebay site.

Internet explorer users can use a tool here. The Internet explorer tool uses an account guard manager which warns you if you are about to enter your ebay or paypal password on another website.


Another thing i will mention here. If you must sell your old laptop or pc, then its essential you do not include your old hard drive as there is software easily availale on the internet to recover information/data which you thought had been deleted.


Online Banking Is It Flawed?

The banks in the UK are doing a tremendous amount to prevent online banking fraud, however i believe the initial process to be flawed, when you receive your initial digital banking letter in the post delivered insecurely off course dint be surprised to see your if customer number is:
  • your bank account number 11111111
  • your card number 1111 1111 1111 1111
  • or one bank i know likes to use your DOB followed by your branch dial code 010119800171 which is 01/01/1980 bank area dial code for London 0171
organized criminal elements working within or has minions working in the postal system no this and some are on the lookout for mail that has certain return address as they know that its for banking. oh dear. Then a few days later your so-called tamper proof pin comes in the post. Firstly your initial letter from the bank, contains no reference to your pin been sent in a tamper-proof way. Secondly the vast majority of people who have never used digital banking or never lost their pin number will never have even seen tamper-proof paper.

Once again the fraudsters know this and are not deter ed they will simply open the letter and send you the pin and make it appear to be from your bank.

How many of you check to make sure the letter from the bank really is from the bank.

Some people just simply underestimate the lengths people will go to, to defraud you.

Personally the bank should make you go into your branch and setup your digital banking that way, dont you agree!

REMEMBER TO REPORT ANY SUSPICIOUS ACTIVITY ON YOUR ACCOUNT IMMEDIATELY

Password story telling

Okay the first post was way too long so i will keep the rest short and simple. As mentioned in the previous post the password JS2004vert21chips is not that strong a password as it contains words in the dictionary (french&English). So here is how I'd make proper password using a short story.

I wake up everyday at 7am to go work, after having a shower i have breakfast, 2toast,1apple and a cup of tea. now its 7.45am, my mrs now kisses me and says "goodbye". I start the car and set of for my £300 a week job 6miles away . i finish every day at 5pm

Did you see the potential for a very secure password using our daily activities, here's the password i got. This only works if you do have a daily schedule you always keep too like going to work

7PM ==time get up
2t ==1st thing i eat
1a ==2nd thing i eat
XXX ==kisses from the mrs
"" == from wife sayin goodbye
£ == another symbol
6 ==distance to work
5PM == time i finish work

our secure password now uses small case, upper case, numbers and symbols.

7AM2t1aXXX""£65PM
check strentght here


hopefully you can adopt this to fit around your own daily activities, this works best if its the same thing very day.

As this password evolves from a story about waking and going to work it would be an ideal password to use at work.

(If the the IT guy at your work had any real use he would force you to change your password once a month at the very least and not let you use the last 5 previous passwords)

OK these first 2 post just about covers passwords for now, remember this is just a small guide on passwords and doesn't cover pin numbers or ATM Skimming.

Remember this blog is intended as a guide only. Its purpose is to encourage you to use secure methods when using internet bank/online shopping.Just so you feel a little bit safer when shopping on ebay, amazon or using paypal.

A secure password is just one of the steps needed in the fight against fraud.