Comments | pittsburgh: best online banking in Pittsburgh?

khyron in pittsburgh

best online banking in Pittsburgh?

Apr 10, 2008 17:25

Greets again Steel City, this is that intrepid n00b again who's getting ready to move up there. I read carefully through all the previously tagged banking posts and got a lot of useful feedback but I have one outstanding specific question to ask you - between PNC, Citizens, and National City who has the best online banking interface ( Read more... )

money: banking

Leave a comment

Back to all threads

talldean April 10 2008, 21:24:37 UTC

Dear lord, how I wish I could shut off multi-factor authentication. Without user training, it's useless, and you cannot expect users to learn this lesson.

Then again, as long as I'm wishing, getting an email that I have a "secured message" would be awful nice.

khyron April 10 2008, 21:31:34 UTC

Oh some places actually will let you turn it off, or at least will let people "opt in" to it. But in the end, someone down in the Fraud department screams bloody murder and goes on a hunger strike begging the company to stop.

I totally understand how people can find it sort of confounding when they don't want it at first, but it makes so much sense that eventually when older folks die off (sorry, cruel, but it's how the Internet eventually gets to do better stuff) younger customers who have been used to it forever won't mind it at all (and will likely react with fear if it's not offered, especially if they understand identity theft).

talldean April 10 2008, 21:36:01 UTC

If someone's hacked my DNS server to setup a phishing scam to get my bank password, I have bigger problems. Admittedly, this happens on public terminals.

As another linked issue, if everyone moves to the multi-factor authentication, it starts getting harder to remember all these images. I probably have accounts on around a hundred sites.

Perhaps we need a Universal Single-Sign-On application. Hrrrm. Here's looking at Google...

That said, on topic, I'm neither impressed nor disappointed with my National City online account, which bats about even with Chevy Chase Bank, but below BOA.

khyron April 10 2008, 21:40:58 UTC

Personally, I used to scoff too honestly. But that was years ago before wifi access was everywhere. The idea that you can't possibly trust your LAN frequently, let alone the Internet, makes for a lot of interesting new kinds of attacks.

Single sign on concepts of course have all kinds of interesting advantages...and that one really big frightening disadvantage. Could be interesting and make a lot of people happy, but I'd be one of the weirdo hippies that wouldn't use it. For me, the "single sign on" of doing all my financial services with one vendor is enough (that's why I'm not willing to split myself up across multiple nifty Internet based no physical branch type vendors, which you'd think a web dork would be all over doing).

talldean April 10 2008, 21:43:34 UTC

Honestly, if you're ex-military or a parent is ex-military-officer, USAA is *the* bank, as far as I've heard for all-in-one all-online banking with great service and rates. I don't have such luck; I'm military contractor, and one parent was military... non-officer. Fail.

You can trust your LAN if the password transmission is over SSL. On the minus side, note that sites like Twitter transmit your password *and* your Gmail password in the clear if you click on things in the wrong order. Boo to that.

amergina April 11 2008, 02:09:34 UTC

I concur. I love my USAA account. I can't say *anything* bad about it. (I'm lucky enough to be a former dependent of a USAA member, so I got to be a member too.)

khyron April 11 2008, 02:30:36 UTC

I hear ya, my in-laws swear by them for everything. I just like physical branches with people in them and a local presence. I'll look at them for insurance possibly though, because we only have our current insurance because I know my agent personally, and we won't be with him anymore.

talldean April 10 2008, 21:53:33 UTC

Amending this, my National City account login name is my Social Security number, as that used to be the default, and they've never forced me to change it.

Boo to their original implementation.

khyron April 11 2008, 02:32:04 UTC

BoA never forces anyone to change it either, but I noticed once while bored and curious that their Javascript doesn't appear to send the actual login username anyway, but rather hashes it into some kind of unique token. So that's nice to know. I know people are crazy about SSNs these days but if you're sending a hashed version of it and you're doing so via SSL, that's really not so bad.

_orz April 10 2008, 23:32:53 UTC

Since Jan 2007, Federal law has mandated that all online banking use multi-factor authentication.

khyron April 10 2008, 23:35:18 UTC

Now that's the kind of embarrassment I get for returning to the public sector.

Man I remember when I had trouble sleeping because I was reciting regulations in the back of my skull someplace...how sad.

:)

Back to all threads