• johannesvanderwhales@lemmy.world
    link
    fedilink
    arrow-up
    12
    ·
    8 months ago

    I take your point, and I’m sure you’re right about the banks’ rationale, but in my own view it does not seem like it should be the banks’ decision to make.

    • qjkxbmwvz@startrek.website
      link
      fedilink
      arrow-up
      8
      ·
      8 months ago

      As soon as a bank offers any sort of fraud protection, though, security becomes a bank issue (in addition to a “you” issue).

      Not at all saying I agree with the banks on this, but I think that may be part of the thinking.

      • dan@upvote.au
        link
        fedilink
        arrow-up
        2
        ·
        8 months ago

        This is a good point. The bank needs to do as much as they can to reduce fraud risk, and they’ve probably found some correlation between rooted phones and a higher likelihood of fraudulent transactions. Some banks block VPNs for a similar reason - when logging in from a VPN, it’s harder for them to tell that it’s actually you vs if it’s an attacker that uses the same VPN service as you.

    • markstos@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      8 months ago

      Your risk exposure is that you could lose your bank account balance. The banks risk exposure is that they could lose every bank account balance exploited by the same rooted phone vulnerability. So they evaluate risk differently than you do.