[Tinkerphones] OT: Banking in Germany (was: Strategies for sustainable phones)

Xavi Drudis Ferran xdrudis at tinet.cat
Sat Sep 21 21:33:22 CEST 2019


El Sat, Sep 21, 2019 at 07:22:22PM +0200, H. Nikolaus Schaller deia:
> 
> > Am 21.09.2019 um 19:14 schrieb Martin <debacle at debian.org>:
> > 
> > 
> > Note: I live in Germany and do not own a mobile phone. My bank
> > uses the so-called "Sm at rt-TAN plus", where one inserts the bank
> > card. It reads some flickering code from the screen and displays
> > the TAN. It was less than 12 € in the electronics shop nearby.
>

I envy you, Martin. It's almost a reason to emigrate to Germany...

> Well, yes this works of course. But makes me carry along (and not
> have with me when needed) another device. With battery that may
> be empty in the wrong moment.
>

For me that would be a feature. It would likely mean I spend less,
specially on impulsive sales.

> And someone may have more than one bank. Each bank seems to have
> a different mix between SMS (mTAN) and some App. Some banks require
> you to confirm every login to your bank account.
> 
> All this is fine with a modern smartphone if you do not care about
> free and open :) And if you don't care to be required by your bank
> to carry around a TAN generator.
>

I do care about free and open, but I'd care even more in banking
than other uses. I haven't researched this, but I've heard SMS
security is long broken, and phones physical security seems to me very
weak.  I'd prefer to be able to do all (or most) transactions with my
bank from home than having to visit their offices, but I wouldn't like
to carry with me a device that when lost or stolen could help others
impersonate me in bank transactions. Even traditional credit/debit
cards are somewhat dangerous to carry.

> BTW: this makes me wonder if a TAN generator can be used for tracking
> users? Who knows what information it is encoding in the TAN?
>

No idea, I hadn't heard of TAN before. Sounds like an interesting question.

> > 
> > (Btw. my bank is a cooperative, which means, I'm the owner.
> > Well, one of more than 2¹⁵ owners...)
> 
> Which obviously makes them more client-oriented than others.
>

Pse. Mine is also a cooperative, but now it requires a mobile phone to
operate. For many years it was enough with login and password, and for
operations moving money, a printed code card (a small One-Time-Pad,
which I left at home).  Now they send you a SMS that someone could
intercept or someone could use your stolen phone, or force you to use
your phone...

The general conditions, like fees and options are also worse each day
(but the members keep increasing).

I mean being a cooperative is not immediately a silver bullet (but maybe
the rest of banks are even worse). 



More information about the Community mailing list