Author Topic: Banking Security From Abroad  (Read 3208 times)

cap396

  • 5 O'Clock Shadow
  • *
  • Posts: 55
  • Age: 51
  • Location: FIREd and Traveling the World
    • Snail Travelers - Traveling the World at a Snail's Pace
Banking Security From Abroad
« on: May 08, 2018, 12:13:23 PM »
My wife and I going to FIRE this summer and spend the next several years traveling the world.  We want to be able to log onto the accounts for our banks and credit cards (Ally, Schwab, Citibank) without having any problems.  We've done some research but are still a little confused as to what the best steps to take should be to avoid security issues with others gaining access to our accounts.  We have VPN apps set up, but is that sufficient?  Is it generally okay to use the WiFi at our AirBnb places, or do we need to use only cellular data to connect to our accounts?  Is using the bank's phone app generally safer than logging on through the bank's website?  Any other suggestions to keep our accounts secure would be appreciated.

Paul der Krake

  • Walrus Stache
  • *******
  • Posts: 5854
  • Age: 16
  • Location: UTC-10:00
Re: Banking Security From Abroad
« Reply #1 on: May 08, 2018, 01:07:43 PM »
A VPN is more than sufficient, no need to use cellular over wi-fi. Just use your own devices, not a public computer.

katsiki

  • Handlebar Stache
  • *****
  • Posts: 2015
  • Age: 43
  • Location: La.
Re: Banking Security From Abroad
« Reply #2 on: May 08, 2018, 01:10:02 PM »
Agree with Paul.  I would spend some time finding a reputable VPN provider if you don't already have one.  They are not all the same and it is sometimes hard to sift through the reviews that are really ads.

StockBeard

  • Pencil Stache
  • ****
  • Posts: 649
  • Age: 42
Re: Banking Security From Abroad
« Reply #3 on: May 08, 2018, 09:13:56 PM »
In general as long as your bank provides https/ssl, the router won't be able to sniff your data. If your bank does *not* provide https on their site, you need to ditch them, yesterday.

Additionally many banks nowadays provide some sort of additional authentication. Schwab for example provide you with a semi-random generated number (via a verisign app you install on your phone), which you need to append to your password. This means your password changes every minute. Call Schwab and enable that feature.

I don't see how the VPN protects your privacy more. You're just shifting your trust from the ISP to your VPN provider.

Unless your VPN provider also happens to be an official contractor from your bank, I feel you're just adding one layer of trust risk with a VPN. As others have mentioned, many VPNs are shady, and it's hard to know the good ones from the bads, because many reviews of VPN services are affiliate marketing in disguise.

Bank apps are not in general safer than websites, they're just equivalent in terms of security, everything else being equal. Use whichever you are comfortable with (edit: but make sure you always have the latest version of the app, if you use it).

So, my suggestions:
1 - call your banks to see what options they provide to make your password more secure. If 2 Factor authentication, make sure your phones will be able to receive SMS/phone calls/whatever from abroad. For Schwab, use their verisign random number thingy.
1.1 - Also tell your banks you will be abroad. Many banks have a fraud team that you will want to contact and tell them where you will be, so they don't flag your activity (including internet access) incorrectly.
2 - All your banks should have a website with https support. If they don't, stop using the bank's services.
3 - Get a VPN for your Netflix needs, not for banking.
4- As others have mentioned, use your own devices, not public ones
« Last Edit: May 08, 2018, 09:20:28 PM by StockBeard »

Syonyk

  • Magnum Stache
  • ******
  • Posts: 4610
    • Syonyk's Project Blog
Re: Banking Security From Abroad
« Reply #4 on: May 08, 2018, 11:00:15 PM »
I don't see how the VPN protects your privacy more. You're just shifting your trust from the ISP to your VPN provider.

It also encrypts the "last mile" - the traffic over the coffee shop link.

Personally?  I'd light up a free Google Compute Engine or Amazon EC2 instance, install OpenVPN, and bounce into that.

StockBeard

  • Pencil Stache
  • ****
  • Posts: 649
  • Age: 42
Re: Banking Security From Abroad
« Reply #5 on: May 08, 2018, 11:03:34 PM »
I don't see how the VPN protects your privacy more. You're just shifting your trust from the ISP to your VPN provider.
It also encrypts the "last mile" - the traffic over the coffee shop link.
But https does that as well...

Syonyk

  • Magnum Stache
  • ******
  • Posts: 4610
    • Syonyk's Project Blog
Re: Banking Security From Abroad
« Reply #6 on: May 08, 2018, 11:15:33 PM »
There are an awful lot of ways to muck with the HTTPS connection process.

SSLStrip is the easiest, if the site you're contacting doesn't use HSTS (or your browser doesn't support it).

StockBeard

  • Pencil Stache
  • ****
  • Posts: 649
  • Age: 42
Re: Banking Security From Abroad
« Reply #7 on: May 08, 2018, 11:19:09 PM »
There are an awful lot of ways to muck with the HTTPS connection process.

SSLStrip is the easiest, if the site you're contacting doesn't use HSTS (or your browser doesn't support it).
I see, thanks. Then maybe finding a good VPN is important in OP's use case then.

elysianfields

  • Pencil Stache
  • ****
  • Posts: 515
  • Location: Asia
Re: Banking Security From Abroad
« Reply #8 on: May 09, 2018, 06:46:08 AM »
Unless you plan to use a US mobile phone number and pay outrageous roaming costs overseas, I find it's useful to have a Google Voice number so that you can receive those texted confirmations to a known US telephone number.  You can receive your texts via Google Hangouts or Gmail, and also use those to place US phone calls.  If you settle down in a particular place with wired ethernet, I find it useful to use an Obihai box to connect a phone to.  It's inexpensive at $70 (http://a.co/8ltNIbL), works well, and comes with a voltage-agnostic AC-to-DC converter.

On the VPN side, I'd encourage you to use one with international reach and proxies in multiple countries.  I use Private Internet Access for this reason.  Some companies are now blocking Internet connections from Europe to avoid having to comply with the GDPR (cf. https://yro.slashdot.org/story/18/05/07/1056215/new-service-blocks-eu-users-so-companies-can-save-thousands-on-gdpr-compliance).

katsiki

  • Handlebar Stache
  • *****
  • Posts: 2015
  • Age: 43
  • Location: La.
Re: Banking Security From Abroad
« Reply #9 on: May 09, 2018, 10:00:32 AM »
There are an awful lot of ways to muck with the HTTPS connection process.

SSLStrip is the easiest, if the site you're contacting doesn't use HSTS (or your browser doesn't support it).
+1

Hotel / coffee shop wifi is not the way to go if you will be traveling a lot (never a good option really).

barbaz

  • Stubble
  • **
  • Posts: 201
Re: Banking Security From Abroad
« Reply #10 on: May 09, 2018, 10:13:42 AM »
There are an awful lot of ways to muck with the HTTPS connection process.

SSLStrip is the easiest, if the site you're contacting doesn't use HSTS (or your browser doesn't support it).
If the bank doesn’t do HSTS it’s time to switch banks.

Dr Kidstache

  • Bristles
  • ***
  • Posts: 490
Re: Banking Security From Abroad
« Reply #11 on: May 09, 2018, 11:49:57 AM »
I can recommend ExpressVPN. They have great chat support available as well if you have any issues connecting to certain sites. Also one of the few that can stream Amazon/Netflix.

jim555

  • Magnum Stache
  • ******
  • Posts: 3235
Re: Banking Security From Abroad
« Reply #12 on: May 09, 2018, 02:51:00 PM »
Google Outline is a free VPN app that connects to an online VPS like a Digital Ocean VPS droplet.  The advantage is it is not easily blocked by China.  A Digital Ocean droplet starts at $5 a month.

CatamaranSailor

  • Stubble
  • **
  • Posts: 207
Re: Banking Security From Abroad
« Reply #13 on: May 09, 2018, 03:07:48 PM »
I spend quite a bit of time traveling overseas. I set up a dedicated account just for traveling, a dedicated CC, a space CC just "in case" and a reputable VPN.

I had no problems at all.

I would, in addition, get a Google Voice number and make sure you have all the numbers you might need to call if something were to go awry.