In the high-tech world the term redundant is actually a good thing. Most folks think of redundant in terms of jobs, and being declared redundant (i.e. being laid off, or the like), however in the high-tech world redundant is actually a vital part of reliability. If there are redundant systems in place, or redundant connections then there are backups in place to take over if one of the systems fails, and that is what I mean by Financial Redundancy.
Last week there was a very good tweet that inspired me to think about this concept.
The point being made is that you need to have a separate bank account in a different bank or savings concept (trust company or the like) just in case your main bank account or bank gets compromised in some way. What do I mean by compromised?
- Your account has been hacked and thus locked out so you have no access to it, until the issues with the security intrusion is remedied.
- Your bank “goes down”. This can be a myriad of possible issues including: Interac failure, Computer system crash, bank is hacked (as mentioned in the tweet), etc.,
- Your bank fails? Yes, this is ridiculously drastic, but it has happened, and I am sad to say, it will happen again (ask the folks who had money in Savings and Loans in the states)
Really the question is what do you do if you don’t have a redundant money supply to fall back on? You could use your credit cards, and you already have a redundant system there don’t you (pretty much everyone has more than 1 credit card, a Visa, a Mastercard, an Amex, maybe even a Diners Club), so why don’t you have some redundant savings in place too?
This Seems Redundant
An idea is maybe putting your Emergency Fund (which we all should have in some fashion) at a different bank? That way it really can help in an emergency.
Interesting, I received an E-mail from my bank (TD) pointing out that they now support using my Android -or- Blackberry phone ( no mention of the iPhone 6, since it only supports NFC for Apple Pay) to make small payments (tap and go), as a Near Field Communication (tap and go) device, if I have a supported credit card with them (which surprisingly, I do).
Now Your Phone is Your Wallet?
To quote TD’s e-mail to me:
Any TD EasyWeb customer with a supported Android or BlackBerry smartphone, eligible TD Credit Card and the TD app can enjoy using TD Mobile Payment. The Android or Blackberry smartphone must be certified and enabled with Near Field Communication (NFC) technology (contactless) and a NFC SIM Card to securely store your payment information, and have a mobile plan with a participating carrier/service provider.
The nice part is that this is integrated into the TD Banking App, so there is a degree of security (I hope) with the app. I am not sure, but I hope I have to log into the App to be able to use the NFC capabilities of the app and phone (together), and not just enable it once, and then be able to willy nilly tap and pay (thus enabling anyone with my phone to do the same).
Is this a secure method of payment? I am not sure of the mechanics in the Android and Blackberry phones, however, the Android phones do have a reputation as being a little less secure than other phones (as all open systems do, when you let everyone see the source code, that includes the bad guys). Google has been working hard to improve Android’s reputation in the security area, but it is going to take a while to do that.
Am I recommending this service and TD? No, I am simply pointing out yet another interesting new way to spend your money. They keep making it easier and easier to spend your money.
How hard is it to get all of your information? One of the major victims, Ms. Kardashian™ has a plethora of security folks, and Kanye West™ to protect her on-line, who do you have?
This is really sad but true, but the folks hunting down all the information “in the Cloud” (skip that movie too) and trying to extricate your personal info for their own nefarious deeds, are the same (type) of folks that are hacking your home computer, bank’s computer, Internet Service Provider’s Database, Google’s Info DB, etc., etc., .
Everybody is watching, including the bad guys
Remember only a few weeks back, my info got hacked from Home Depot (sure I have free Equifax, but that is a small pay back given I am now being inundated with spam e-mails). I have written countless articles about security:
This is all to point out that assuming that you are safe, might be a little naive (oh and did you read about ISIS threatening your bed rooms too?), this world is getting scarier and scarier. If you are looking for me, I will be hiding under YOUR bed (they won’t think to look for me there).
Oh and my apologies on the cheap pop for the title as well.
After the past few weeks of fun and excitement on the Web, I have decided to practice what I preach by starting to decrease my Electronic Footprint. The Heartbleed Bug will mean that we must all go and change all of our passwords and such to get back to a less vulnerable stance (sorry I have been watching MI-5 on Netflix).
One of the first steps I have taken is to minimize financial issues, and I had a small account with Mint.com, which was mostly to just try things out, that I have deleted. The account was not being used, all it did was tell me once a month that one of my credit cards has a balance, but no longer.
The reasons for cancelling this part of my electronic footprint:
- The account was not being used and all it could do was act as a gateway for “bad folk” to break into my financial life and crap all over the place.
- Mint while an interesting service, can cause a great deal of consternation with your financial providers as well, if your account is cracked and used for bad things. I am not sure if your bank could do anything, but I don’t think you want to expose yourself to any possible jeopardy from sharing your banking information.
- It is one less password and user id to remember or worry about.
I actually have a very long list of user ids and passwords that I will now be going through to decide to either:
- Change the password to something new
- Delete the account because I can’t justify having this “possible security hole” still existing
Oh, and understand that a lot of accounts if you “DELETE” them, they don’t actually go away (e.g. Facebook), so remember to read carefully what happens if you try to DELETE an account.
No, not sin, Social Insurance Numbers, that SIN.
If the Social Insurance Number is simply a number given out each time a Canadian asks for one, the Maximum number of encodings is simply 999,999,999 codes. That seems like a very large number and why would anyone worry about running out of numbers in this program? The Social Insurance Number has become the de facto standard for identification in Canada (especially financially), and a number to be guarded closely, so each number is very important.
Some points to think about this number:
A very Fake Social Insurance Number
- I don’t think anyone has the Social Insurance Number 000 000 001 or anything like that encoding, so there aren’t as many numbers as we think. Is the exact number of available SINs published anywhere? I don’t think it is, but maybe I missed out on that.
- From 1973 to 1994 the three digit prefix (the first three numbers) increased by about 265 (if I compare my SIN to my children’s SIN), so not an insignificant increase. From 1994 to 2005 the prefix digits increased by 035. This assumes that the numbers are allocated in an increasing order.
- There are no more plastic SIN Cards being made, you simply get a letter with your SIN and that is it!
- Given 900 SIN were lost with the Heartbleed bug, how many more digits are lost due to identity theft and such?
- Is there a recovery program for digits after someone dies? I don’t think so.
- Temporary SINs have 9 as the first digit, and depending on where you apply your leading digit will reflect that (see Wikipedia for this)
- There is a checksum to easily figure out if a SIN is real or bogus.
Am I just fear mongering now? It’s possible, but I just wonder if we are going to hear in about 20 years that the Social Insurance Number will go from being a 9 digit number to either:
- A 9 digit hexadecimal number (base 16) (e.g. DEA DBE EF9 )
- A 12 digit regular number
Those would be simple fixes I suppose, except then every and any program that used the SIN for identification would need to be recoded (can you say Y2K ?) .