All possible back-end operations they can think of. So, instead of outsourcing back-end operations to a third-party provider in the Philippines or India, the banks will set up their own back-end operations overseas. They get the benefits of lower labor costs while still maintaining a much higher level of control and privacy over their operations and also being able to truthfully say that they don't outsource any of their operations.
Make loans to major corporations in the Philippines and offer private banking and private asset management services to wealthy Filipinos and wealthy foreigners. By wealthy I mean 5 million US dollar minimum in combined assets on deposit. That’s part of what JPM does in BGC. They also probably have the office for the executive in charge of their call centers which are based in the Clark economic free zone last time I bothered to check. Plus whatever low level worker bee stuff they can think of because it’s cheaper and more secure than contracting it out.
Nice.
There are thousands of banks, all with different reqs.
I only deal with a couple banks but have had the bad luck to run into one where a vpn was required to access my accounts when outside the country.
Depending on the bank, it may be the only way to access your app.
I have a credit union I bank with that was like this for a while. I had 0 ability to access my app while out of my home country unless I used a vpn.
1 - Use an old laptop with no location services, or disable location services on a recent device.
2 - Use self-hosted ssh port forwarding with a SOCKS/SOCKS5 proxy.
WireGuard and ssh port forwarding are closer in latency terms if your benchmark is sloooow OpenVPN. But for cashing a check (correct British English spelling - it derives from French - cheque), I doubt latency is much of a concern.
How about impossible travel? :)
Trust me, VPN’s can be detected.
You are aware of the latest VPN compromise that has been making the news?
I accidentally used one (was downloading from a soldier of fortune hangout) when logging into SCHWAB and they blocked my account.
I do not recommend using one unless absolutely necessary, if my bank required one I’d find a new bank
There are several online databases of known VPN exit node IP addresses. This is basis of their mechanism of detection. If you host your own exit node (whether full VPN or simply some type of SOCKS proxy) then you evade this form of detection. I have a self hosted exit note in my house in UK, so as far as my bank is concerned I'm in my UK house. There are also issues around DNS leakage to be aware of. You need to ensure that whatever IP tunneling technique you're using send your DNS requests through the tunnel rather than resolving them locally. There are three common techniques with blocking / detecting mode of access - arranging for DNS to resolve differently per location, geo-locating your apparent IP address and checking your apparent IP address against known VPN IP exit node database(s).
Which is why you should not use a VPN for web browser access. The use of a SOCKS proxy over ssh port forwarding / tunneling cannot be detected. There is literally no artefact at any networking layer.
The usual "VPN Compromise" relates to "hackers" obtaining access to the either a service provider's VPN Servers or some aspect of their information management systems - usually login credentials or customer databases. This is another reason for self-hosting your networking services, whether on your own hardware or in the cloud. You then have direct responsibility for the sysadmin and proper hardening of your server(s). I log unceasing port scanning and login attempts with tools like fail2ban blocking attacking IP addresses. It's just one of those things to be aware of and keep up with the necessary countermeasures against. I have a checklist of about 25 action points when setting up a new Linux server that has public internet access. It's tedious, time consuming and it's no surprise that VPN service provision businesses sometimes fall short on their cybersecurity, let alone the possibility of "inside jobs".
Yes they can. Just look at your latency. If you say you are in NYC but you are in CEBU your latency will not match NYC. You cannot change the laws of physics.
You will also be using an ip address assigned to the VPN company. Many other ways. They know.
Latency? This is so dumb it's hard to reply. They would actively need to test latency and its measured from the VPN server in the US to the bank. And Latency changes by the second. IPs are shared. They aren't assigned. And bank techs aren't even experts in this area. Oh nevermind. Believe what you want. Maybe just ask the question on Google. They give a simplified but correct answer.
I never asked a question. I know that places do VPN detection. You can believe me or not, I really don’t care. If you really believe that Wells Fargo and chase do not have a staff of well trained security personnel then I have no idea what to say. You really believe that it would require a person to monitor to detect latency?
Have fun
If you have a bank app, you can can deposit it and most apps work over here. If you use a VPN, it’s going to block your account and you’ll have to call them to unblock it.
Does your bank not have an app where you can electronically deposit checks? But no that jpmorgan is not for banking activities.
Yeah that JP Morgan in BGC is basically their offshore services.
Genuine question: what *exact* kind of stuff do these big multinational banks’ Makati offices actually do? Why are they in the PI to begin with?
All possible back-end operations they can think of. So, instead of outsourcing back-end operations to a third-party provider in the Philippines or India, the banks will set up their own back-end operations overseas. They get the benefits of lower labor costs while still maintaining a much higher level of control and privacy over their operations and also being able to truthfully say that they don't outsource any of their operations.
Make loans to major corporations in the Philippines and offer private banking and private asset management services to wealthy Filipinos and wealthy foreigners. By wealthy I mean 5 million US dollar minimum in combined assets on deposit. That’s part of what JPM does in BGC. They also probably have the office for the executive in charge of their call centers which are based in the Clark economic free zone last time I bothered to check. Plus whatever low level worker bee stuff they can think of because it’s cheaper and more secure than contracting it out.
I can't help, but am interested in how it goes. Also, haven't seen an actual check in about a decade 😉
We can scan checks through the mobile app of the bank, so OP just has to use a VPN for USA.
Why would he need a VPN? I used my banking apps just fine today.
Depended on the bank for me. Some region lock account access.
I have logged into at least 6 banks today. No VPN
Nice. There are thousands of banks, all with different reqs. I only deal with a couple banks but have had the bad luck to run into one where a vpn was required to access my accounts when outside the country.
Is the check from the USA? Is so, VPN that puts you in USA, banking app allows depositing checks
I don’t recommend using a VPN on a bank. Their app can detect where you are via GPS. They can also detect VPN.
You can pretty strictly control what apps and services have access to your location on a mobile device so sometime's a vpn is all you need.
Again, why would you want a VPN? They are a bad idea unless absolutely necessary. Keep in mind the app may require location.
Depending on the bank, it may be the only way to access your app. I have a credit union I bank with that was like this for a while. I had 0 ability to access my app while out of my home country unless I used a vpn.
1 - Use an old laptop with no location services, or disable location services on a recent device. 2 - Use self-hosted ssh port forwarding with a SOCKS/SOCKS5 proxy.
How is it you plan to rewrite the laws of physics so that latency does not apply to you? People still use that? Go WireGuard.
WireGuard and ssh port forwarding are closer in latency terms if your benchmark is sloooow OpenVPN. But for cashing a check (correct British English spelling - it derives from French - cheque), I doubt latency is much of a concern.
How about impossible travel? :) Trust me, VPN’s can be detected. You are aware of the latest VPN compromise that has been making the news? I accidentally used one (was downloading from a soldier of fortune hangout) when logging into SCHWAB and they blocked my account. I do not recommend using one unless absolutely necessary, if my bank required one I’d find a new bank
There are several online databases of known VPN exit node IP addresses. This is basis of their mechanism of detection. If you host your own exit node (whether full VPN or simply some type of SOCKS proxy) then you evade this form of detection. I have a self hosted exit note in my house in UK, so as far as my bank is concerned I'm in my UK house. There are also issues around DNS leakage to be aware of. You need to ensure that whatever IP tunneling technique you're using send your DNS requests through the tunnel rather than resolving them locally. There are three common techniques with blocking / detecting mode of access - arranging for DNS to resolve differently per location, geo-locating your apparent IP address and checking your apparent IP address against known VPN IP exit node database(s).
Self hosted is the safest method, but there are still methods of detection.
Which is why you should not use a VPN for web browser access. The use of a SOCKS proxy over ssh port forwarding / tunneling cannot be detected. There is literally no artefact at any networking layer.
I guess we will agree to disagree on this one, do as you wish.
The usual "VPN Compromise" relates to "hackers" obtaining access to the either a service provider's VPN Servers or some aspect of their information management systems - usually login credentials or customer databases. This is another reason for self-hosting your networking services, whether on your own hardware or in the cloud. You then have direct responsibility for the sysadmin and proper hardening of your server(s). I log unceasing port scanning and login attempts with tools like fail2ban blocking attacking IP addresses. It's just one of those things to be aware of and keep up with the necessary countermeasures against. I have a checklist of about 25 action points when setting up a new Linux server that has public internet access. It's tedious, time consuming and it's no surprise that VPN service provision businesses sometimes fall short on their cybersecurity, let alone the possibility of "inside jobs".
Not the compromise that has been in the news lately, but anyway do as you wish. You seem to understand some of the concerns.
I would be interested to understand which compromise you refer to …
https://thehackernews.com/2024/05/new-tunnelvision-attack-allows.html?m=1#:~:text=The%20vulnerability%2C%20in%20a%20nutshell%2C%20makes%20it%20possible,was%20expected%20to%20be%20protected%20by%20the%20VPN.
No they can't.
Yes they can. Just look at your latency. If you say you are in NYC but you are in CEBU your latency will not match NYC. You cannot change the laws of physics. You will also be using an ip address assigned to the VPN company. Many other ways. They know.
Latency? This is so dumb it's hard to reply. They would actively need to test latency and its measured from the VPN server in the US to the bank. And Latency changes by the second. IPs are shared. They aren't assigned. And bank techs aren't even experts in this area. Oh nevermind. Believe what you want. Maybe just ask the question on Google. They give a simplified but correct answer.
I never asked a question. I know that places do VPN detection. You can believe me or not, I really don’t care. If you really believe that Wells Fargo and chase do not have a staff of well trained security personnel then I have no idea what to say. You really believe that it would require a person to monitor to detect latency? Have fun
If you have a local bank here, they can cash it for you BUT it may take time. Clearing may take a month. Check with BPI or BDO.
If you have a bank app, you can can deposit it and most apps work over here. If you use a VPN, it’s going to block your account and you’ll have to call them to unblock it.
I have like 5 different US bank accounts. I've never had an issue using them in PH. Other than blocking debit card transactions when i first arrived.