Tap-and-Pay Apps?

How Hackers Can “Tap” Your Bank Accounts

Yeh, nope. Tap-and-pay may be convenient, but I have never been persuaded that it is safe, and so have never enabled it. I’m far safer carrying cash (because muggers? *heh* No, for many reasons).

Condition Yellow should apply at all times to data/device security, not just physical security.
_____________________________

For online purchases–another area of banking insecurity–I rely on several different tactics, including the careful use of a debit card tied to an account at my local bank that is designated for such use. . . a bank where my next door neighbor is head teller, and I know all the other folks in the bank as well. They look out for any anomalies very well.

SpyWear™

“Smart” clothing?

How dumb do people have to be to call SpyWear™ “Smart Clothes”? Sure, it doesn’t HAVE to be that way, but unless folks make sure their data is kept locally, more than just air-gapped from the web, their private info. . . isn’t. I do use a fitness tracking device that coordinates with an old phone that is disconnected from _any_ network (including my local network). I can evaluate the data collected, so I get the benefits w/o “sharing” my data.

BTW, yeh, all the apps I have on that old phone do gripe at me, wanting network access, when they fail to phone home. I just smile and enjoy those gripes. (And yeh, I don’t just rely on disconnecting it from my network. I have it blocked at my router. 🙂 )

Is YOUR Online Data Secure?

No. In fact, this site is not “secure” in any real sense, and some PII about me can be gleaned via various means from this site. So? NO PII online is secure. There is no such thing as personal data security online. There is only the possibility of LESS insecurity. While one can improve one’s data security, absolute security is a chimera. Knowing this is the first step to better security practices, IMO, which includes whatever controls one can put on what data one allows online to begin with.

For example, while I use a password manager for low-value sites (sites where little PII accrues, for various reasons*), I use enhanced memory techniques and memorable pass phrases derived from hobbies not noted online or in emails or other such communications) for sites with more sensitive (or accurate *heh*) PII. (And yes, I know I won’t be around forever, so such passphrases are also secured on an encrypted flash drive and stored in a safe which only two people have access to besides me. Maybe it’s just me, though. . . ) That, plus two-factor authentication, are good things to do, but do not, of course, assure any real security, because once data is online, means of compromising the site storing it proliferate beyond one’s control.

And yes, I take a lot of other steps, and STILL my data is not secure. Never will be. Neither will yours be secure, because once it’s online anywhere, it’s really beyond your control. All one can do is–hopefully–limit access as much as possible.
_______________________________________________

*There are a lot of diverse sites on the web that interest me that also require registration I view as intrusive and unnecessary, so I obfuscate and often outright lie in registering, as well as offering throwaway email addresses (also registered with obfuscated data). *shrugs* I’m not a good mark for con artists, either. 😉 For most such places, I also invoke a foreign IP address via one of several different VPNs. TOR helps, as well.