this post was submitted on 04 Apr 2024
1019 points (98.8% liked)
linuxmemes
20880 readers
6 users here now
I use Arch btw
Sister communities:
- LemmyMemes: Memes
- LemmyShitpost: Anything and everything goes.
- RISA: Star Trek memes and shitposts
Community rules
- Follow the site-wide rules and code of conduct
- Be civil
- Post Linux-related content
- No recent reposts
Please report posts and comments that break these rules!
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
There is no banking app for authenticating transactions for desktops?
Web browsers.
Edit: Nevermind, I don't know what this even is.
At least in the EU web browsers don't allow for authenticating transactions (beyond a limit of e.g. 30€). Either an additional authenticator app or a standalone card reader is mandatory.
Luckily my banking apps work flawlessly on GrapheneOS and even microG, likely because of they care about the bootloader being locked again.
I guess I don't know what you mean by "authenticating transactions".
Online transactions require a second factor which displays the actual amount to be transferred. This works by either an app which receives the transaction data (recipient, how much) over the network, or a device which takes the bank card and is used to scan something similar to a qr code. The device then displays the transaction data.
This makes sure a fraudulent site can't easily change the amount or the recipient of a transaction, even if they somehow made an identical website (or close enough).
https://www.ecb.europa.eu/press/intro/mip-online/2018/html/1803_revisedpsd.en.html
It's not perfect, especially with people using a banking app and the second factor app on the same device for convenience sake.
Interesting. If they do that in the US some day, I would absolutely much rather buy that device than unroot my phone.
Not for authentication. No idea if this is not a thing, but banks here in Germany all have their weird proprietary TOTP app that checks if your device is rooted or now even if it is a "Google certified OS".
You can use some weird hardware device instead with the obvious drawbacks.
My favorite thing is when banks don't allow passwords that have spaces in them or are more than 12 characters long.
Honestly there should be a standard of what security means, like how passwords are stored and how TOTP is implemented, and if a bank doesn't implement it then THEY are responsible for any "identity theft" that happens on their site, not the users.
Looking at you, fucking Paypal.
Or yes, my bank wanting only numbers not even letters.
Literally the only passwords I dont have in Firefox.
But don't support standards like WebAuthn or even FIDO 2.
Your browser?