There is a legal firewall on the VISA card. $50 is the maximum amount I can lose in the event of fraud or loss - and that is only if I delay reporting a lost card for too long - otherwise it's zero.
And, if there is fraud, the card issuer is the one on the hook until/unless I pay the VISA bill. I still have my money. That contrasts with a debit card where somebody can clean out my account and it's on me to get the money back. Ditto stock trading accounts and whatever other online facilities are out there.
I would say there is a continuum from reasonable expectations to paranoia - it's not a binary condition.
My credit card has a form on line where you can tell them where and when you will be traveling. It really does help. I also tell them when I will be out of the country.
I have a CC that I rarely use, but I often use it on vacation. One day one first day of vacation we had breakfast, bought gas, went to a retail store, three charges in about an hour. At the store, the clerk had to call and they asked me a security question. No problem the rest of the trip.
Another time I was on my way home from work and got a text from the CC card company. They asked if I was buying something in France. Texted back "no" and they stopped payment and sent me a new card.
In any case, you can be sure security is being increased, not decreased when you sign in on line.
Agreed. Further my cash back no-annual-fee AE card pays me around $400/year just to use it.
BTW my CC allows online alerts. I get emails/texts when it's used out of a certain area, over a certain limit, etc. Further even if you know my online bank account user name and password you can't access it unless you have my phone in your possession. (2 step verification.)
I only use my debit card for ATM cash since it pays me nothing back. But my bank gives me the same protection as my credit card. Likely yours does too.
There is a $500K protection on stock accounts.
IMO you are in more danger giving your card to the waiter or stuffing it in a gas machine than I am banking online. If you take reasonable precautions you will lose nothing and your financial life will be much easier.
"If you ever discover an error in a trade confirmation or brokerage statement, you should immediately bring the error to the attention of the brokerage firm in writing. Unless you complain in writing, your eligibility for SIPC protection may be compromised."
And also for theft by a broker or other employee, right?
Some member of the HOA one time thought it included stocks going down in price and I couldn't talk him out of that.
He was a real pip.
Apparently there was a group home for mentally something** children in the n'hood, only 10 townhouses away from me. They never caused any problem, except once when I wasn't outside, one of the kids didn't want to get on their bus, or didnt' want to get off. That lasted less than
5 minutes.
**childrhoold mental retardation or illness, I forget which.
These are 3 BR houses with a 450 ft2 room in the basement fwiw. And there was a person in charge and only 4 or 5 kids.
Now the same company wanted to buy or rent a second house and someone got wind of it and there was a meeting.
The pip's wife stood up to speak. She said, My brother had this problem, and I spent years watching him suffer from it, and..... I don't want to watch it anymore.
Silly me, halfway through I thought she loved her brother and had learned compassion for such people from him. But she only learned to avoid them, And so she didn't want them here. And they lived on the next block, a parallel street, and would never see them anyhow.
IIRC I ended the meetng by saying something that should have embarrassed anyone opposed to house, and the first house at least was there for another year with no problem, until one day it was gone. Well, not the house itself.
My understanding, it yes. However, that doesn't cover for things like the charge cards or banks do. (Actually the FDIC isn't involved in those either.)
Must not be the only one. That we featured on SIPC's FAQsm
Yes, we were talking about online fraud weren't we.
The two online brokers I deal with (ETrade and Vanguard) both say they will cover ALL online fraud security losses. (Except those where the client is negligent.) And they both keep broker account cash in their respective FDIC insured banks.
Got to wonder if "negligent" includes the presupposition that if a third party was able to get to the account the account holder is assumed to be "negligent" because it is assumed that the only way the third party could have gotten to the account was if the account holder was "negligent" in keeping their ID/PW secret.
Maybe show you the wrong image then take $5 from your account if you sign in anyway. I can see the merits over insecure comms, but now the encryption scheme is supposed to verify that you're communicating with the correct party, although even that gets thwarted when the MITM can install their certificates in your browser (like an employer).
Sounds like they tweaked the implementation over time. I thought it a bit clever since the caption I create doesn't necessarily have to be related to the image.
Going though old BofA paperwork a couple weeks ago I ran across a promo for their online banking...1980's vintage. Even had an order form for a dedicated terminal in case I didn't own a computer. In some ways I miss the simplicity of text based system.
On Tue, 28 Jul 2015 21:44:58 -0400, "(PeteCresswell)" wrote:
I guess that's what lawyers are for. IMO I am in much more danger of losing money from bad investing than from online fraud. That said, here is Vanguard's fine print. I agree there's lots of wiggle room.
"At a minimum, in order for this protection to apply, you must take the following steps: Review your accounts regularly. Check your account frequently. Promptly and completely review all information we send you. Report any errors or discrepancies in your account and any suspected unauthorized transactions or account changes to Vanguard immediately. Protect your Vanguard.com user name, password, and other account-related information. Make sure your user name, password, and answers to your security questions are unique and strong. Never share your user name, password, or other account-related information with anyone. Never store your user name, password, or answers to security questions in your browser. Clear any temporarily stored copies of online information by closing your browser after signing off. Do not leave your computer unattended while logged on to Vanguard.com. Protect your computer. Make certain that any computer you use to access Vanguard.com has up-to-date security and anti-spyware, antivirus, and firewall software. Do not reply to e-mail requests for personal or financial information. Do not respond to, open an attachment in, or click on a link within an e-mail if you suspect the message is fraudulent. Vanguard will not ask for personal information such as your Social Security number, account numbers, or passwords in an e-mail. Cooperate with us and stay informed. Cooperate fully with Vanguard in investigating and prosecuting any unauthorized activity in your account, and follow our recommendations about how to protect your account. We may require you to file a police report, complete a notarized affidavit, or permit access to your computer."
Except in the case of what BA is doing, it clearly decreases security. By presenting you with an image that you select and know *before* you give them your password, you know that you're actually engaging with the real BA website, not some hackers that have duplicated BA to steal your logon credentials. If you don't see the image, you know something is wrong. Without it, hackers could and do present what looks like a real logon page. So, you try to log on and now the hackers have your user name and pwd.
Kurt's point was that *SIPC* does not protect against online fraud in a brokerage account. And he's correct:
From SIPC:
"Does SIPC protect me if my account is hacked and cash and/or securities ar e stolen?
SIPC's role and responsibilities are as defined under the Securities Invest or Protection Act (SIPA). Under that law, SIPC only becomes involved when a SIPC member brokerage firm is eligible for liquidation under the Securitie s Investor Protection Act. If you discover that your account has been hacke d or your securities or cash have been stolen, you should contact your brok erage firm, the SEC, FINRA, your state securities regulator, and/or law enf orcement authorities."
So, there is no automatic $500K, universal, SIPC protection. Apparently how a broker treats online fraud is typically up to them and they set the rules.
Usually lawyer talk makes a certain amount of sense once parsed - but that one just doesn't make it.
To my (possibly overly-literal) mind it even implies that the user somehow has access to the universe of Vanguard IDs and PWs so they can check themselves....
I've got every dime I own in Vanguard funds and make a point of not using their online access. OTOH, I probably do when I download their version of Quicken at tax time.
Considering the recent data breaches all over, do you really think BA decided to shortcut and lessen security?
Perhaps they don't want to publicly give details,but I think they are just doing new security in a different manner. There are probably stronger methods employed that obsolete the site key. If the site key was a great enhancement, they would all be doing it by now.
I don't doubt that they have other techniques. But it's clear to me that presenting you with an image that only you and BA know before you enter your PWD would prevent hackers from creating a phony logon page. It workded with Micky. He noticed that he wasn't getting the image and wondered if it was really the bank. You can have X, Y, and Z that all provide some added level of security. All I'm saying is that if you still had Z, the image challenge, then security would be better even if you have X, and Y and think they are very effective. It only adds, it doesn't subtract.
What is to stop a hacker from presenting the site key? I always thought it would be the perfect method of stealing your info. There are shady people out there with all sorts of tricks and one photo is not going to keep them from taking your fortune.
I really don't think they would lessen security one tiny bit. Just look at the Caller ID scams where your own number shows up.
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.