El Sat, Sep 21, 2019 at 07:22:22PM +0200, H. Nikolaus Schaller deia: > > > Am 21.09.2019 um 19:14 schrieb Martin <[email protected]>: > > > > > > Note: I live in Germany and do not own a mobile phone. My bank > > uses the so-called "Sm@rt-TAN plus", where one inserts the bank > > card. It reads some flickering code from the screen and displays > > the TAN. It was less than 12 € in the electronics shop nearby. >
I envy you, Martin. It's almost a reason to emigrate to Germany... > Well, yes this works of course. But makes me carry along (and not > have with me when needed) another device. With battery that may > be empty in the wrong moment. > For me that would be a feature. It would likely mean I spend less, specially on impulsive sales. > And someone may have more than one bank. Each bank seems to have > a different mix between SMS (mTAN) and some App. Some banks require > you to confirm every login to your bank account. > > All this is fine with a modern smartphone if you do not care about > free and open :) And if you don't care to be required by your bank > to carry around a TAN generator. > I do care about free and open, but I'd care even more in banking than other uses. I haven't researched this, but I've heard SMS security is long broken, and phones physical security seems to me very weak. I'd prefer to be able to do all (or most) transactions with my bank from home than having to visit their offices, but I wouldn't like to carry with me a device that when lost or stolen could help others impersonate me in bank transactions. Even traditional credit/debit cards are somewhat dangerous to carry. > BTW: this makes me wonder if a TAN generator can be used for tracking > users? Who knows what information it is encoding in the TAN? > No idea, I hadn't heard of TAN before. Sounds like an interesting question. > > > > (Btw. my bank is a cooperative, which means, I'm the owner. > > Well, one of more than 2¹⁵ owners...) > > Which obviously makes them more client-oriented than others. > Pse. Mine is also a cooperative, but now it requires a mobile phone to operate. For many years it was enough with login and password, and for operations moving money, a printed code card (a small One-Time-Pad, which I left at home). Now they send you a SMS that someone could intercept or someone could use your stolen phone, or force you to use your phone... The general conditions, like fees and options are also worse each day (but the members keep increasing). I mean being a cooperative is not immediately a silver bullet (but maybe the rest of banks are even worse). _______________________________________________ Community mailing list [email protected] http://lists.goldelico.com/mailman/listinfo.cgi/community http://www.tinkerphones.org
