Are Iphones more secure ?

IrishHomer

Few days ago my bank account was fraudulently robbed of a lot of cash.

I do all my stuff via Android phone no pc anymore

I've no idea how it was robbed but I've been reimbursed by the bank and reported to the Gardai.

I'm worried about the future and my question is: are Iphones more secure for this kind of problem?

I am wise to all the online cons so I'm baffled how this occurred.

If iPhones are more secure I would switch

murpho999

I think you need to know how this happened before making a decision.

I would guess it's more to do with a website you used rather than your device being hacked.

Your bank card may have been skimmed at an ATM as well.

Blazer

There's no way I'd do any sort of banking on an android device. Its too open and not enough auditing is done by Google on the security side.
Apple while not perfect are far more secure on the apps they allow into the app store.
My very first smartphone (real one) was the T-cell G1 android phone which was awesome at the time. I've also used HTC's phones a lot as I love their hardware and OS implementations such as Blinkfeed but I switched back to Apple for 2 main reasons.
One was security as I mentioned above..and 2 was the experience is more polished.
I do miss torrent downloading, simple file sharing etc that are available to android users but I value security above them.
I work in IT so I'm quite upto date on vulnerabilities etc but it can be quite easy to sneak a dodgy app upto the google play store.

frozenfrozen

Blazer wrote: »

There's no way I'd do any sort of banking on an android device. Its too open and not enough auditing is done by Google on the security side.
Apple while not perfect are far more secure on the apps they allow into the app store.
My very first smartphone (real one) was the T-cell G1 android phone which was awesome at the time. I've also used HTC's phones a lot as I love their hardware and OS implementations such as Blinkfeed but I switched back to Apple for 2 main reasons.
One was security as I mentioned above..and 2 was the experience is more polished.
I do miss torrent downloading, simple file sharing etc that are available to android users but I value security above them.
I work in IT so I'm quite upto date on vulnerabilities etc but it can be quite easy to sneak a dodgy app upto the google play store.

android is all sandboxed. You can use a dodgy app and put in your card details or get phished, sure. But you could also just get phished on an apple device.

But android isn't going to get some virus where your card details are stolen.


However I wouldn't touch any of those cheap dodgy android phones from questionable sources, so if you're talking about those then fair enough compared to an iphone they will be less secure

Idleater

Blazer wrote: »

There's no way I'd do any sort of banking on an android device. Its too open and not enough auditing is done by Google on the security side.

I'm just curious as to how this affects an assumed reliable official banking app for a known bank installed from the play store.

Are you suggesting that doing banking (or arguably anything) on a phone with sideloaded dodgywarez is a good thing? because the assumption I would be making is that the KBC/AIB/PTSB/Leapcard topup apps running on both iOS and Android would be "the same" in terms of security architecture and rely on the same back end systems.

<edit> I hadn't factored in the dodgywarez hardware devices of unknown origin mentioned by frozenfrozen - but weren't there dodgy iPhone clones too?

I think the common denominator is the dodgy part of both hardware and software and my premise above is that given official both - I can't see any issue with either platform and the most likely source of fraudulent actions on an account are from using cards at terminals and ATM

Creamy Goodness

Can’t say they’re more secure until we know how it was taken but get a credit card instead of using your debit online. Chargebacks are easier and don’t wipe your cash flow if someone happens to swipe it. Your debit card should go into to android pay and atms (once you check for skimming devices) only. There’s still risk there but you’re minimising it drastically by using a credit card.

Blazer

Idleater wrote: »

I'm just curious as to how this affects an assumed reliable official banking app for a known bank installed from the play store.

Are you suggesting that doing banking (or arguably anything) on a phone with sideloaded dodgywarez is a good thing? because the assumption I would be making is that the KBC/AIB/PTSB/Leapcard topup apps running on both iOS and Android would be "the same" in terms of security architecture and rely on the same back end systems.

<edit> I hadn't factored in the dodgywarez hardware devices of unknown origin mentioned by frozenfrozen - but weren't there dodgy iPhone clones too?

I think the common denominator is the dodgy part of both hardware and software and my premise above is that given official both - I can't see any issue with either platform and the most likely source of fraudulent actions on an account are from using cards at terminals and ATM

It’s possible to upload fake versions of apps that record customer info on android and this has been widespread and has documented before.
Google has increased their security big time and as long as your careful and check each app and it’s creator etc you should be fine.
Most fraud activitie would place site on a site you shopped from recently though so best to check what sites you recently used and avoid them.

IrishHomer

Idleater wrote: »

I'm just curious as to how this affects an assumed reliable official banking app for a known bank installed from the play store.

Are you suggesting that doing banking (or arguably anything) on a phone with sideloaded dodgywarez is a good thing? because the assumption I would be making is that the KBC/AIB/PTSB/Leapcard topup apps running on both iOS and Android would be "the same" in terms of security architecture and rely on the same back end systems.

<edit> I hadn't factored in the dodgywarez hardware devices of unknown origin mentioned by frozenfrozen - but weren't there dodgy iPhone clones too?

I think the common denominator is the dodgy part of both hardware and software and my premise above is that given official both - I can't see any issue with either platform and the most likely source of fraudulent actions on an account are from using cards at terminals and ATM

It's funny you mentioned KBC and PTSB. My bank is PTSB and my sister also got scammed and she's with KBC Bank and she is very careful and hardly ever shopping online.

DesperateDan

All android apps are sandboxed so it is not possible for example for an app to monitor your key strokes in a banking app.

Really you would have to be a total moron to download a fake app like some copy of Pokemon Go. Clearly it happens, but the very worst they can do (with full permissions), is spam your phone with ads and track your location. Unless you literally put your card details into them they aren't removing funds from your bank account.

That article is about as bad as it got and since then Google has stepped up their game significantly. Also bear in mind fake / malware ridden apps are only produced for very popular services here's another example, for the massive game Fortnight.

I would bet money your phone is not at fault here op and either your card was just skimmed, or you bought something online from an insecure site.

IrishHomer

DesperateDan wrote: »

All android apps are sandboxed so it is not possible for example for an app to monitor your key strokes in a banking app.

Really you would have to be a total moron to download a fake app like some copy of Pokemon Go. Clearly it happens, but the very worst they can do (with full permissions), is spam your phone with ads and track your location. Unless you literally put your card details into them they aren't removing funds from your bank account.

That article is about as bad as it got and since then Google has stepped up their game significantly. Also bear in mind fake / malware ridden apps are only produced for very popular services here's another example, for the massive game Fortnight.

I would bet money your phone is not at fault here op and either your card was just skimmed, or you bought something online from an insecure site.

But my sister was scammed and she never shops online

Idleater

IrishHomer wrote: »

But my sister was scammed and she never shops online

That was my point, the problem is with the physical card not the phone. From terminals in shops and ATM skimming to RFID style hacking.

To be honest, I find this a very interesting conversation, albeit you and not me being hacked!

murpho999

IrishHomer wrote: »

But my sister was scammed and she never shops online

Why do you think it's online fraud then when it's clearly not?

IrishHomer

murpho999 wrote: »

Why do you think it's online fraud then when it's clearly not?

Because from all my discussion with the bank fraud department they said it is most likely

Soulsun

Are banking apps in general not a good idea on android phones?

Creamy Goodness

IrishHomer wrote: »

Because from all my discussion with the bank fraud department they said it is most likely

The bank is hardly going to admit to having skimming devices installed on their atms. Even if they were reported it give a bad reputation if they say their own atm was compromised.

Card security is simple really. Don’t let it out of sight (especially in the states) inspect atm card slots by pulling on them and look for cameras that capture your pin. Not all scams are online. Even if you haven’t used your card in a compromised atm it doesn’t mean people can’t get your details. You could have used it at a real world retailer with **** security and have their systems unsecured.

Be aware, but don’t be tinfoil hat like. Use the likes of a prepaid instant top up card with virtual card numbers like Revolut or Paypal for dodgey online purchases. Look out for atms that may be compromised. Be sketchy when using your card at terminals and if your abroad don’t let the card out of sight (example American restaurants) they walk away with your card, can be skimmed whilst they do the pre-with for your restaurant bill.

One thing to note - pun intended - don’t store your card details in a note or in plaintext on Android. A rogue app could have blanket android permissions to this and it’s there. Android - whilst gotten better on permission - sucked for the longest time, e.g. flashlight apps which uploaded your contact book to their own servers etc. Heh maybe I’ve gotten a little bit tinfoil hatty.