Safe Online Banking with Virtual Private Networks

August 30, 2016 Posted in VPN Education by No Comments

Safe Online Banking with Virtual Private Networks

With a greater number of people discovering the ease and convenience of online banking, which lets them access all banking services in the comfort of their home, hackers too have found that is a demographic which would be worthwhile to attack.

And people don’t even realise they have been ‘attacked’ until later. What hackers do is to surreptitiously install monitoring software on the computer of a person who uses online banking services. The software, rightly called malicious software or malware for short, secretly records login credentials and sends them to the hacker. The user, in most cases, is unaware of the presence of malware. He/she may have installed it (giving explicit permission for installation on a PC or mobile device overcomes the antivirus program, which by default blocks all unauthorized installations) thinking it was a game or an utility app. With it functioning as expected, there was no reason to suspect anything amiss – only that the additional ‘recording’ functionality was hidden from the user.

The hacker then uses the user’s credentials to login to the bank’s website, and then transfer the latter’s money into his/her own account, usually one that cannot be traced. The user comes to know of all this only when he/she loses all his/her money.

VPNs to the rescue

When one subscribes to a VPN service, a physical server is placed between the user and the internet. All outgoing and incoming internet data is routed via the VPN server, and this connection is encrypted. So when a user types in his login credentials, that data is encapsulated into ‘packets’ and encrypted. Any data packet capturing program (this functionality is embedded into the malware) sees only a string of random characters. It can see the IP address the data packet is sent to – that of VPN server. However, this doesn’t tell the hacker anything, as all data packets are sent to the VPN server.

So whether you access your bank’s website or, the hacker can only see the IP address of the VPN server. Sniffing incoming traffic too is useless, as they too all come from the same IP address. The level of encryption means that the data contained in these packets cannot be made sense of either. It would either require the hacker to have a million computers working in tandem for 26 days at a stretch to decrypt the date or one computer operating continuously for 734 centuries. No hacker is likely to have that kind of processing power – or patience – his disposal.

Leave a Comment