VPN users - how best to deal with this situation?
As I have written previously, I connect to the internet through a VPN probably 98% of the time. It seems safer.
Recently, my bank started to reject any incoming sessions that come from me when I am using the VPN. So, to do my banking (which should be more secure, not less), I have to turn off the VPN, log into the bank and do my thing, and then turn it back on.
Have you run into this? It’s annoying as a customer, and it seems insecure (to me) to have the bank disallow connecting with a VPN. They probably have some rationale to protect themselves, but they don’t care about the customer.
I have zero hope that anyone at the bank’s customer service number would even understand my issue.
Any ideas?
Observing members:
0
Composing members:
0
16 Answers
Is your VPN is in a FOREIGN country, the bank should block it ! ! !
A. Whut is a VPN?
B. My internet banking has been going wonky too. Could it be something other than your VPN.
And
C. My bank has a whole different department for internet banking issues other than the tellers who field phone calls.
@tropical
No, it’s a US server. I usually connect to Chicago and New York or something like that
I have run into that sort of thing. I suspect that the bank has your usual IP address on file somewhere, or at least they are checking to see where IP addresses are located when you log in. If you are logging in with a mobile app, the IP address doesn’t apply as much. But if you are in Cleveland OH and you are logging in from San Francisco (where your VPN is) the bank is trying to verify you are you and not someone that took your identity.
I would call the customer service though. It seems odd that they would completely block you. Usually you have to go through some sort of security check if they don’t recognize your computer, whether it is answering security questions or having them send you a temporary access code to your phone or e-mail to verify it is you.
You generally have to turn it off. Some VPN providers offer a unique IP that is just yours that can help with this issue. The problem is that a VPN generally uses the same IP for most of its users and they get blacklisted in the security software your bank uses when it sees too many users on the same IP. They’re going to be using SSH and if they allow two-factor authentication there is nothing to worry about. If your bank does not use SSH and two-factor authentication then ask yourself if you should be banking online with them.
Well, that makes me feel better about my online banking being such a B**** lately @Blackwater_Park.
A VPN is not a security tool so you should probably stop thinking of it like that. A VPN is a privacy tool – it stops your ISP knowing what sites you are visiting and websites knowing where you are. Thats all.
@Lightlyseared Many VPN services also encrypt at a high level. The big penalty other than the cost is that you some bandwidth. Most people with a broadband connection won’t notice though. Do a speed test with it on and one with it off and you’ll see what I mean.
@Blackwater_Park all VPN’s encrypt that’s how they hide what’s going where. But encryption by itself doesn’t equal security.
@Lightlyseared Define security then. Are you referring to anti-virus software and firewalls? How is encryption not part of overall security? By that thinking, SSH is not “secure” and we can go back to using telnet. I did mean to say HTTPS in my response above.
@Blackwater_Park You get the benefit of HTTPS even without using a VPN. Using a VPN only changes who can see the metadata of what sites you visit
While there are 100’s on VPN’s on the market the vast majority are owned and operated by a small number of companies. If you wanted to see what the most paranoid security conscious people were doing and install software on the PC’s setting up a VPN is the quickest easiest way to do it.
There’s a reason OP’s bank blocks connections from VPN’s and its not because it doesn’t know what a VPN is.
Now if you want to hide your weird sexual fetishes from your company or college or download a pile of pirated content with an extremely low but not zero chance of getting caught a VPN may be for you.
My experience is that as long as my virtual ip is in the USA I don’t have this problem but if it’s outside I do. The websites will tell you all manner of lies when you try to log in, such as you’ve tried to log in too many times when it’s the first attempt in a week. Anyway, my workaround is that my antivirus has free VPN with ip address in another US city which always works. My browser has free vpn which assigns an ip in “The Americas.” That one is iffy for banks. I can’t control the location of IP. I have to log into weather dot com to see where my virtual IP address is saying I am before going to bank site. So, if going to the bank I switch to antivirus’s VPN and when finished, go back to the brower’s, which is unlimited use/data. The antivirus has a weekly data limit on the vpn. The browser doesn’t. Sorry this is long and unlike me, but, it is.
@Lightlyseared I understand, but again, VPN is still as much security as it is privacy.
It is opposite that, They actually are showing that they care. Have you ever tried calling an organization now and had to answer 3 security questions before they would validate you were you? Frustrating only because it is new and slows you down. Secure, YES!
Hiding behind a VPN is exactly what the bank is trying to protect your account from. Not showing or masking an IP or connecting from a random country is what hackers employ to be elusive. Not letting you in is actually is your bank or other organizations way of trying to better ensure it is you and protecting your assets and securing their network. Think of it this way, Your bank knows that you live at a certain location. Why would they allow you in if you logged in from Uzbekistan?
Use of a user controlled VPN is different from a whole organization (say your companies VPN that allows you in remotely) corporate side VPN.
If you were a remote worker you come in through a specific tunnel that has security elements protecting access to their network. It is requiring certain network policies are being met like being able to validate your IP , country, certs if needed, etc. Hiding these items will simply bar you from being allowed on.
Streaming services are now doing the same thing. There are so many other security aspects in place now like multi-factoring that protect your accounts for organizations that care and have invested.
Have you tried incognito? I rarely have this issue but if I do I use incognito and its fine without redoing my VPN.
Incognito just hides your browser activity on your device. It does not record that activity in history. I.E. you can’t go back and see who was watching porn in the browser history…. The rest of the world knows it though…
Answer this question
This question is in the General Section. Responses must be helpful and on-topic.