Comment by miki123211

They're for the bank's (and other customers') security, not yours.

I think they're supposed to prevent people from reverse-engineering banking app APIs and writing bots that perform millions of requests per second, trying to brute force their way into peoples' accounts.

As an extra protection, SafetyNet also makes it harder to distribute apps that repackage your genuine banking app, but with an extra trojan added.

potamic 4 days ago

Every bank of repute also has a web portal for internet banking. If it were about security, leaving this open while closing the mobile route doesn't make sense. The web is also vulnerable to scammers hosting trojan websites but somehow that doesn't seem to be a big problem.

If a bank (or any entity for that matter) needs to control the client in order to make their systems secure, then it's bad security. The system must be secure despite the client.

miki123211 OP 1 day ago

This depends on the bank and the country, but web portals usually have some kind of 2FA on them. This means hacking into somebody's web portal account isn't enough, you still need to hack that mobile device first.

This item has no comments currently.