Jump to content
All visa questions and fresh Immigration updates here ×

Bangkok Bank Internet Banking Only Accept Internet Explorer!

hansbak

By hansbak
in IT and Computers

 Share

Recommended Posts

hansbak Apprentice Member

hansbak

Posted
Posted

Can you imagine? Thailand is still poisoned with $icrosoft stuff, first my wife has to deliver her thesis in microsoft word, now i got a bangkok bank banking account and they do only internet explorer....

when is thailand going to accept open source products and refuze to us this stuf??

so, feel better now,

Regards,

Hans

Link to comment
Share on other sites
hansbak Apprentice Member

hansbak

Posted
  • Author
Posted

this is what i see on the first page:url: https://bizibanking.bangkokbank.com/bblamsui/SignOn.aspx

In order to access to BIZ iBanking, please use the supported browsers below (Beta products are not supported).

Microsoft Internet Explorer version 6, 7, 8 or above

(www.microsoft.com/windows/internet-explorer)

To help improve online banking security, please use the licensed and up-to-date operating system software and anti-virus application. Do not use internet cafes or insecure public computers.

url: https://bizibanking.bangkokbank.com/bblamsui/SignOn.aspx

then try to click the login button????

Link to comment
Share on other sites
hansbak Apprentice Member

hansbak

Posted
  • Author
Posted

this is what i see on the first page:url: https://bizibanking....sui/SignOn.aspx

In order to access to BIZ iBanking, please use the supported browsers below (Beta products are not supported).

Microsoft Internet Explorer version 6, 7, 8 or above

(www.microsoft.com/windows/internet-explorer)

To help improve online banking security, please use the licensed and up-to-date operating system software and anti-virus application. Do not use internet cafes or insecure public computers.

url: https://bizibanking....sui/SignOn.aspx

then try to click the login button????

if you look at the copyright it is from 2006 which means they did probably not update the software for 5 years.

in you look in the source there is even a check for netscape 3....who is using that?

woow really look bad......

Link to comment
Share on other sites
BB1950 Gold Member

BB1950

Posted
Posted (edited)

this is what i see on the first page:url: https://bizibanking....sui/SignOn.aspx

In order to access to BIZ iBanking, please use the supported browsers below (Beta products are not supported).

Microsoft Internet Explorer version 6, 7, 8 or above

(www.microsoft.com/windows/internet-explorer)

To help improve online banking security, please use the licensed and up-to-date operating system software and anti-virus application. Do not use internet cafes or insecure public computers.

url: https://bizibanking....sui/SignOn.aspx

then try to click the login button????

You are correct. For the business internet banking, it does not work without Internet Explorer. My guess is most businesses in Thailand don't use anything but Internet Explorer for their browsers.

However, for personal internet banking https://ibanking.ban...com/SignOn.aspx, it does work with other browsers.

Edited by BB1950
Link to comment
Share on other sites
TallGuyJohninBKK Star Member

TallGuyJohninBKK

Posted
Posted

At least for BKK Bank's personal banking web site... back before they upgraded it to work with Firefox...you could use...and even now still use... the Firefox extension called "IE Tab 2" that allows you to toggle in Firefox between regular Firefox and an IE emulator... That extension toggled to IE in Firefox used to work fine for accessing the BKK Bank online banking, even when regular Firefox couldn't...

So, it would seem at least possible that Firefox running IE Tab 2 extension likewise might work fine for their business banking site at present.

Link to comment
Share on other sites
Gregory Morozov Advanced Member

Gregory Morozov

Posted
Posted

Hello Hans, could you please try with Firefox and User Agent RG add-on installed? Switch the agent string to Internet Explorer 8 from Tools menu after add-on installation. It shows the proper login screen then but I cannot check the functionality as I don't have the business account there...

And can I know the name of the institution for the thesis? Do they really not accept it in PDF?

Link to comment
Share on other sites
barryw52 Advanced Member

barryw52

Posted
Posted

I have just done basic test with all three browsers (no add ins) and yes only works with IE. As one op says not the case for BBank personal bank as I use Chrome with Bbank and it works fine. I be asking them when they going to fix this as the world is not just IE any more far from it. Try the adds the op suggests see if that can stop you having to use IE. you maybe able to change some setting on you browser to get around this call there Help desk and ask them.

Link to comment
Share on other sites
nikster Diamond Member

nikster

Posted
Posted

I wouldn't trust any website that only runs on IE. Whoever made this clearly don't know what they're doing.

A banking website that only runs on IE? Yeah right. Switch to another bank if you want to do internet banking.

I am serious. Stay away from this. It's only a matter of time until they have a major security breach.

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

I wouldn't trust any website that only runs on IE. Whoever made this clearly don't know what they're doing.

A banking website that only runs on IE? Yeah right. Switch to another bank if you want to do internet banking.

I am serious. Stay away from this. It's only a matter of time until they have a major security breach.

Is there any serious alternatives available for business accounts in Thailand?

I have not found one.

Link to comment
Share on other sites
Lannig Advanced Member

Lannig

Posted
Posted

I wouldn't trust any website that only runs on IE. Whoever made this clearly don't know what they're doing.

A banking website that only runs on IE? Yeah right. Switch to another bank if you want to do internet banking.

I am serious. Stay away from this. It's only a matter of time until they have a major security breach.

Geez, Nikster, get real. I hate IE and M$ just as much as you do, I've worked in universities long enough to have a real culture of open-source, but in the Real World things aren't that simple. When any error accessing online data, any action done through a browser bears strong liablity concerns and can even have legal consequences, a business has to very clearly state which browsers it supports and block access from other ones. Where I work now, the only supported browser to access online patient data is IE6. It certainly sucks, but that's the way it is, because just every action has been tested with IE6 and not yet with other browsers. And on computers isolated from the Internet, IE6 is still (barely, I know) acceptable.

If BKK Bank only supports IE at this time, that's their choice. Of course, you're 100% entitled to switch to another bank if that pisses you off.

As for IE being the channel for a major security breach of the bank's online services, that's a joke. Security breaches don't work that way, through vulnerabilities in the client's browser. Only your own computer (and therefore possibly your account details) can be compromised this way.

Link to comment
Share on other sites
woodyleonhard Advanced Member

woodyleonhard

Posted
Posted

Where I work now, the only supported browser to access online patient data is IE6. It certainly sucks, but that's the way it is, because just every action has been tested with IE6 and not yet with other browsers. And on computers isolated from the Internet, IE6 is still (barely, I know) acceptable.

Sad, isn't it?

Microsoft is actively trying to get rid of IE 6 - they even have a countdown page, and voluminous articles trying to get people to switch - but some companies remain intransigent.

SCB's Business Banking program, Biznet, has one function that only works with IE. It's a sign of poor programming. Some day they'll fix it, but I won't hold my breath.

Link to comment
Share on other sites
dave111223 Platinum Member

dave111223

Posted
Posted

Generally i find sites having these kind of "supported browser" limitations are because they have used javascript in entirely the wrong way.

Instead of write a site which at core can run without javascript, and then adding javascript as an enhancement to make functionality easier/better/etc..

They needless use javascript to perform core mundane tasks (such as using javascript to redirect a customer to a page after completing a transaction)....total amateur and unnecessary to use javascript to accomplish things like this.

Because javascript is client-side script it therefore runs differently in different browsers (and some stuff doesn't work in some browers).

Then on top of that if the javascript code is written really poorly; then it creates even more browser dependance/limitations...which IMHO is what is going on with Bangkok Bank etc...

My wife took a class in PHP a few years ago (in Thailand) and I sh*t you not all the sample scripts they were writing in class were full of quirky javascript bits. Javascript redirects, javascript form validation (without any PHP validation), alerts() everywhere.

Link to comment
Share on other sites
Lannig Advanced Member

Lannig

Posted
Posted

Where I work now, the only supported browser to access online patient data is IE6. It certainly sucks, but that's the way it is, because just every action has been tested with IE6 and not yet with other browsers. And on computers isolated from the Internet, IE6 is still (barely, I know) acceptable.

Sad, isn't it?

Microsoft is actively trying to get rid of IE 6 - they even have a countdown page, and voluminous articles trying to get people to switch - but some companies remain intransigent.

It's not a matter of being intransigent or not. It's a matter of money.

Validating another browser, fixing IE6isms in an application (provided there's enough left of the company / the internal team who wrote it to fix anything - not always the case), all this costs a nice pile of bahts/euros/dollars/<insert your favourite currency here>

So as long as people don't complain too loud, as long as the security consequences are manageable etc. most businesses will drag their feet.

SCB's Business Banking program, Biznet, has one function that only works with IE. It's a sign of poor programming. Some day they'll fix it, but I won't hold my breath.

Not necessarily poor programming. Short-sighted programming I'd say, which tends to be enough for the masses using IE anyway.

Major computer iron manufacturers produce boxes (like e.g. SAN storage arrays) whose web administration interface work only with IE. HP still sells blade servers today whose remote web console only works with preposterous versions of the Java plug-in.

Even in the IT business, those shortcomings exist.

Link to comment
Share on other sites
nikster Diamond Member

nikster

Posted
Posted

Geez, Nikster, get real.

....

As for IE being the channel for a major security breach of the bank's online services, that's a joke. Security breaches don't work that way, through vulnerabilities in the client's browser. Only your own computer (and therefore possibly your account details) can be compromised this way.

Huh? Well I hope you don't some day have a rude awakening there. If your client is untrusted - meaning your computer has been breached - then anything you can do on your banking account isn't safe anymore. Unless BKK bank internet banking doesn't actually allow you do do anything - and I don't know that since I am staying the hell away from it - it's unsafe.

Say you can initiate bank transactions, imagine a worst case scenario, your computer is under control of some hacker group, sold to organized crime. I'll illustrate how this would work on my European bank account because that's supposedly very secure. It uses a sheet of one time TAN numbers to authorize any transaction:

- I initiate a transaction - $100 to my brother's account

- I have to enter my one time TAN number to sign off on the transaction - security feature! - I do that

- My computer takes this information and uses the TAN number to initiate a $10,000 transfer to Dimitry in Russia

- My computer then displays a page saying "success! you have transferred $100 to your brother"

- My computer displays my bank account as if my intended transaction had gone through - changing the numbers on the fly as they come in from the bank

Now I hear you say nobody can do that - it's too sophisticated. In reality, if it isn't already happening, it will happen. As any exploit that can be done, will eventually be done. It will eventually be automated such that this process doesn't require any human interaction, and such that this idea becomes part of a virus delivery kit that any script kiddie can install on your compromised machine.

Getting back to BKK bank, my objection isn't that I "hate IE" - it's that those who made the web page have demonstrated their absolute technical incompetence. As somebody who works with websites every day I know how easy it is to create cross-platform web pages - the hard part is usually supporting IE6, so many consultants are not doing that anymore. The most secure web pages only use W3C standard tech. Websites that use features that are only available on IE use exactly those features that are the most insecure technologies possible.

While doing it on the intranet is despicable - my biggest client does it too - it's not actually that big a security problem there as the intranet is protected by multiple layers of security and not that easy to get to (VPNs, Firewalls, and so on).

Long story short: I recommend urgently not to use the BKK bank internet banking. But hey, it's your money. Good luck with the customer service at BKK bank should a breach occur...

Link to comment
Share on other sites
Lannig Advanced Member

Lannig

Posted
Posted

Huh? Well I hope you don't some day have a rude awakening there. If your client is untrusted - meaning your computer has been breached - then anything you can do on your banking account isn't safe anymore. Unless BKK bank internet banking doesn't actually allow you do do anything - and I don't know that since I am staying the hell away from it - it's unsafe.

Nothing contrary to what I wrote here: your account can be compromised, your banking information can be stolen, up to a certain point (see below) illegal transactions can possibly be made from your account, but in no way can this lead to a global break-in of the bank's servers.

Say you can initiate bank transactions, imagine a worst case scenario, your computer is under control of some hacker group, sold to organized crime. I'll illustrate how this would work on my European bank account because that's supposedly very secure. It uses a sheet of one time TAN numbers to authorize any transaction:

- I initiate a transaction - $100 to my brother's account

- I have to enter my one time TAN number to sign off on the transaction - security feature! - I do that

- My computer takes this information and uses the TAN number to initiate a $10,000 transfer to Dimitry in Russia

(...)

Nice demonstration. I'm not a BKK Bank customer so I can't tell for sure, but last time I checked both KBANK and my local bank here in the western world required a SMS confirmation each time there's a new recipient for a money transfer who's not already registered.

In such a case your demonstration doesn't work. And your phone number has to be registered too.

Don't know if BKK Bank offers that layer of safety, though.

(...) this idea becomes part of a virus delivery kit that any script kiddie can install on your compromised machine.

If your computer is infected, there are far easier ways to compromise your bank account, such as key and mouse gesture loggers. No need to get into such a sophisticated attack.

Long story short: I recommend urgently not to use the BKK bank internet banking. But hey, it's your money. Good luck with the customer service at BKK bank should a breach occur...

Thanks for the tip :) but as mentioned above I'm not actually a customer.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.







×
×
  • Create New...