A Big Step Forward

Here’s some news I picked up over at Yugatech a few minutes ago. It may look a little too ‘techy’ for some, but believe me, if you travel in the Philippines and do any online banking you really need to look into this closely.

The basic problem is this: If you use a computer in an internet cafe to access your online banking account(s), there’s an excellent chance that your user ID and password will be ‘captured’ by so-called ‘key logging’ software. The same problem will plague you as well if you use your own machine, especially over a public Wi-Fi connection.

Don’t be fooled by the many ‘experts’ who point out tricks like using Microsoft’s built-in ‘soft keyboard’ or storing your password in a separate file and dropping it into the password field on your bank’s login screen via cut and paste. These solutions are not solutions at all.

Windows, Linux and Apple operating systems all work in a similar fashion. When you type a key, or click on a ‘soft’ key or paste key data, it goes into a location in the operating system known as the keyboard buffer. The system then processes the machine representation of the text that is in the buffer.

Capturing that data is trivially easy for nefarious software developers. As long as your user ID and password are static (the same for one transaction after another), you are at risk, no matter how you put the data onto the screen (into the buffer). The only really secure method is to have a constantly changing password or security code, so that a password captured this minute will be no good a minute from now if a criminal tries to use it.

Hopefully other banks, both in the Philippines and in the US (where banking security is a joke), will follow HSBC’s lead. For myself, I’m going to vote with my money and move my online activities to HSBC RSN (Real Soon Now).


Comments

  1. Hi Dave,

    It sure wouldn’t cost the banks anything to have a One Time Password (OTP) generator set up for each account. I have a password saving program http://www.passpack.com which will allow me to generate 10 to 30 OTPs for accessing the program while travelling. Again though, I cannot use the stored passwords from the program for accessing a banking website as they could be copied. If the bank site had their own OTP generator, it would solve a lot of problems.
