Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Depends on what country you're in. In the UK, the banks are often held liable for various scams that involve the transfer of money, so they up the security over and over again. A bank will rightly argue why it's responsible for an old granny sending her life savings to her new lover in Namibia, so it seeks to block that transaction in the first place.

Some of that liability is fair but most of it is the government telling the banks to account for the loss when someone is scammed. They are obviously going to mitigate that as much as they can.



Rooted devices don't enable that transaction. That's all social engineering.


It's all social engineering now but that's because phones are secure and remote attestation infrastructure is in place.

Go back fifteen years and malware is absolutely submitting bank transactions after the user does a 2FA.

https://krebsonsecurity.com/2010/03/crooks-crank-up-volume-o...


and grandmas don't root their devices.


As a devils advocate grandma would have no idea if she was buying or got her device rooted by someone else.


> so they up the security

They're upping the surveillance, not the security, quite demonstrably.

This is meant to protect /them/ from liability and not /you/ from loss.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: