57
Indian ICICI bank app reverse security (lemmy.world)
submitted 6 months ago by Jozav@lemmy.world to c/cybersecuritymemes@lemmy.world
22 comments fedilink hide all child comments
top 22 comments
sorted by: hot top controversial new old
[-] LemmyIsFantastic@lemmy.world 16 points 6 months ago* (last edited 6 months ago)

VPN doesn't improve security. Your shit was already encrypted over https. It's privacy.

[-] theshredder744@lemmy.world 13 points 6 months ago

I hate this fucking app, and I hate their website even more. I wasn't allowed to us hyphens in my password.

More than anything I hate that banks make me I replace my 20-character password with a 4-digit pin for the mobile app.

I would go out of my way to make an account with a bank that takes security more seriously. Sigh.

[-] Pringles@lemm.ee 5 points 6 months ago

Would you be allowed to set password'); DROP TABLE ClienId;-- ?

[-] surewhynotlem@lemmy.world 7 points 6 months ago

You should be allowed to. Any bank that doesn't sanitize their inputs is just waiting to be hacked.

[-] theshredder744@lemmy.world 4 points 6 months ago

If I remember correctly semicolons couldn't be used either. Maybe someone already tried this? Lmao

[-] Mandy@sh.itjust.works 10 points 6 months ago

My own banking app stopped working after an update too. My crime? Using a fairphone.

[-] pineapplelover@lemm.ee 6 points 6 months ago

Huh? I don't understand this post

[-] sus@programming.dev 19 points 6 months ago* (last edited 6 months ago)

the idea is that a vpn makes you more secure (which is not true outside some very exceptional circumstances)

[-] cron@feddit.de 5 points 6 months ago

IMO this is one example of the countless stupid rules banks force on its customers in the name of security.

  • No VPN
  • Smartphone app only protectable with a four digit pin
  • Access from rooted phones not permitted (but windows PC is ok)
  • Maximum password length enforced

There are many more, feel free to add some mire stupid ideas.

[-] LodeMike@lemmy.today 2 points 6 months ago

Bank doesn’t allow use if connection is originating from VPN. It’s really stupid because passwords exist.

[-] pineapplelover@lemm.ee 3 points 6 months ago

Oh yeah. Like I have my physical 2fa security key, verified 2fa phone number, and can verify from my email, but if I log onto vpn with all this information I am a bot user. Hate it. Fortunately, either my bank doesn't flag it or protonvpn is getting past it. But, I know plenty of websites and services like Geometry Dash flag my vpn.

[-] LodeMike@lemmy.today 3 points 6 months ago

I haven’t run into it at all. If my bank does this I’m moving elsewhere. I’m not going to to business with a bank that is that stupid.

[-] pineapplelover@lemm.ee 2 points 6 months ago* (last edited 6 months ago)

Some banks out there don't even take physical hardware tokens so I'm happy my bank takes it.

Edit: Here is a website somebody made that shows which banks even have 2fa and what methods they support.

[-] wahming@monyet.cc -5 points 6 months ago* (last edited 6 months ago)

There's no reason a VPN would increase your security, and many reasons why the bank would discourage the use of VPNs to access their systems

[-] null@slrpnk.net 10 points 6 months ago

There's no reason a VPN would increase your security

So there's no benefit to using one to tunnel to your home network while on a public network at a cafe?

this post was submitted on 11 Jan 2024
57 points (88.0% liked)

Cybersecurity - Memes

1529 readers
223 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
Sam1232188@lemmy.world
neurohost@lemmy.world
Sam1232188@lemmy.fmhy.ml
Alphadef@programming.dev
CannaVet@lemmy.world