DBS Ideal Threat detected

As a SME business owner, I am absolutely dismayed how awful online banking is. How do companies cope?

It's almost a 100 step process to see my balance online with DBS! There is no API access, except for one that Xero wrangled and sometimes their bank feeds are missing transactions due to "pending transactions". So you get these wonderful scenarios where your bank balances do not tally up.

UPDATE: I'm told Bank2Xero::DBS may help in these cases. Or not. Btw Xero is sadly incapable of detecting duplicates between an imported and bank feed. :facepalm:

Ideal OTP

Try to login using their "uniquely broken" OTP (why don't they use a standard like Google Authenticator FFS!?!) app and you will probably hit:

VGuard has detected the following threatsFailed to start VTap

The workaround is to re-launch the app on IOS. I did complain to DBS earlier this year, and I received a reply:

Our technical team has deployed a temporary solution to fix the issue, and will continue to work on the long term fix.

The app has not been updated for two months. So I am puzzled when they "deployed a temporary solution" ?

I still have the same problem. I also made a video titled Payments made Simple about DBS's insane UX.

DBS (a week later of course) then replied again to say:

With regards to our email to you on 6 Mar 2018, please be informed that this issue is related to the security policies in our server and not our app build. Hence there are no updates to the app version.

We are sorry to hear that you are still encountering this issue. Please kindly provide us with your latest Troubleshooting Logs from the IDEAL Mobile App for our further investigation.

(I asked how am I supposed to do this?!)

As we have enhanced the security of IDEAL Mobile to prevent unauthorised transactions from malware and phishing attacks, some device configurations and 3rd party apps will pose security risks and will not be compatible with IDEAL Mobile App. Please be assured that our development team is working to improve device compatibility without compromising security.

I think the "Fintech" company behind this crazy false negative is https://www.v-key.com/about#about-v-key. Somebody needs to sit down with DBS and explain to them Apple's IOS sandboxed security model that makes Apps already insulated from malware.

Advertisement

If you like this, you might like the stateless Web kiosk software I develop. Webconverger typically replaces Windows on PCs and is deployed in public and business environments for ease of deployment and privacy. Once installed it auto-updates making it painless to maintain. Try it where you exclusively use the only viable open platform... the Web!