In general as long as your bank provides https/ssl, the router won't be able to sniff your data. If your bank does *not* provide https on their site, you need to ditch them, yesterday.
Additionally many banks nowadays provide some sort of additional authentication. Schwab for example provide you with a semi-random generated number (via a verisign app you install on your phone), which you need to append to your password. This means your password changes every minute. Call Schwab and enable that feature.
I don't see how the VPN protects your privacy more. You're just shifting your trust from the ISP to your VPN provider.
Unless your VPN provider also happens to be an official contractor from your bank, I feel you're just adding one layer of trust risk with a VPN. As others have mentioned, many VPNs are shady, and it's hard to know the good ones from the bads, because many reviews of VPN services are affiliate marketing in disguise.
Bank apps are not in general safer than websites, they're just equivalent in terms of security, everything else being equal. Use whichever you are comfortable with (edit: but make sure you always have the latest version of the app, if you use it).
So, my suggestions:
1 - call your banks to see what options they provide to make your password more secure. If 2 Factor authentication, make sure your phones will be able to receive SMS/phone calls/whatever from abroad. For Schwab, use their verisign random number thingy.
1.1 - Also tell your banks you will be abroad. Many banks have a fraud team that you will want to contact and tell them where you will be, so they don't flag your activity (including internet access) incorrectly.
2 - All your banks should have a website with https support. If they don't, stop using the bank's services.
3 - Get a VPN for your Netflix needs, not for banking.
4- As others have mentioned, use your own devices, not public ones