[SOLVED] How does the bank know it is me? Help Please. [SOLVED]

[Agent 86]

Here is the deal:

I use Chrome to log onto my bank to view my accounts, make sure checks have cleared and direct deposits have been made etc. 

I use Chrome for this activity because with Chrome I use no ad-blockers or other 3rd party software that may interfer with the log on process. Nor do I employ a VPN with chrome when logging into bank, so they see my real IP.

 

I use CCleaner and Privazar to regularly "clean" my computer. I have them both set to clean everything. All cookies and temp files etc no matter how recent they have been written to my HDD.

 

The banks webpage (in the past) would say something like this: "We do not recognize your computer. we need verification that it is really you. We are sending an email to the address on file with a temporary code. Use the code we send you along with your normal log on to access your account(s)." 

 

But for the past month or two I get no prompt about sending me a code from the bank. It just logs me in straight away, every time, even after running CCleaner and Privazar. 

I even tried logging in to bank using VPN with a different IP and still it logs me in straight away! WTF!

 

How does the bank know it is me? What "secret" files do they have stored on my computer that tells them it is me everytime? This is not good!

I am asking the nsane community for some help or insight here cuz I just cant figure it out on my own. Yes I have tried for a few weeks now but no results. Anybody???????

[DKT27]

Is it possible that you have disabled this check from the security settings page of it.

[Agent 86]

1 minute ago, DKT27 said:

Is it possible that you have disabled this check from the security settings page of it.

No I did not do that. I am positive about this.

22 minutes ago, Agent 86 said:

This is not good!

Just to clarify. The issue isnt that the bank knows it is me everytime. I have nothing to hide from them.

The issue is that it is IMO a vulnerability that could potentially be exploited by sites other than my bank. Maybe in other browsers that I use too! It makes me feel identifiable. I dont like that. Again any help is greatly appreciated.

[DKT27]

2 minutes ago, Agent 86 said:

No I did not do that. I am positive about this.

Just to clarify. The issue isnt that the bank knows it is me everytime. I have nothing to hide from them.

The issue is that it is IMO a vulnerability that could potentially be exploited by sites other than my bank. Maybe in other browsers that I use too! It makes me feel identifiable. I dont like that. Again any help is greatly appreciated.

 

The first thing is, you open the security settings of your bank and search for it. Second is, make sure you are using a strong password. It might sound silly but it's one of the most important part of security out there.

[knowledge-Spammer]

vulnerability that could potentially be exploited

the vulnerability  is u u can be exploited

talk with your bank  see what they say about it  and if u are not happy with what they say ask to talk with boss

 

We are sending an email to the address on file with a temporary code. Use the code we send you along with your normal log on to access your account(s)." 

this seem like maybe someone tryed to log in as u ? and bank unsure if u is real u  best  talk with bank

 

edit but sometime this happen when u change ips with programs like vpn

[jbleck]

u're most likely using the benefits of the cloud :P... your passwords and trusted machines are synced with your google account... best to keep them secure

[tiliarou]

There might be some additional fingerprinting algorithm in place (frequency/time of visits, mouse behavior, hardware ids' etc...) with the bank, or your VPN was leaking your real address. Normally the identification would be done by cookies and IP but there might be additional things.

Try another VPN and incognito/private mode + donottrack feature of your browser.

[mikie]

Look in your Control Panel's  'Credential Manager'

[humble3d]

Many in the 21st Century use what is known as "permanent cookies"... google knows...

[Pequi]

Boot from a Linux Dist (live CD) and see how that turns out.

You can use Tails - no need to use a big dist.

[straycat19]

15 hours ago, Agent 86 said:

How does the bank know it is me? What "secret" files do they have stored on my computer that tells them it is me everytime? This is not good!

I am asking the nsane community for some help or insight here cuz I just cant figure it out on my own. Yes I have tried for a few weeks now but no results. Anybody???????

 

It has nothing to do with the bank or its security settings and everything to do with chrome.  Chrome has stored your password to login to the bank  You can find it a couple different ways.  You can point chrome to "chrome://settings/passwords" or find the password management option in advanced settings and find the password.  It also stores encrypted passwords in "%LocalAppData%\Google\Chrome\User Data\Default\Login Data".  This is an encrypted SQL database.  Delete the password for the bank and it will put you right back to where you started, with the bank wanting to verify you.  Obviously at some point in time you told Chrome it was OK to store the password because it does not do it on its own.

[Agent 86]

6 hours ago, tiliarou said:

There might be some additional fingerprinting algorithm in place (frequency/time of visits, mouse behavior, hardware ids' etc...) with the bank, or your VPN was leaking your real address. Normally the identification would be done by cookies and IP but there might be additional things.

Try another VPN and incognito/private mode + donottrack feature of your browser.

I think this is what may be happening. The fingerprint thing you spoke of - if so how to stop it! Just to clarify I do not use a VPN to connect to my bank. 

3 hours ago, humble3d said:

Many in the 21st Century use what is known as "permanent cookies"... google knows...

This might be another possibility, but I will be damned if I can locate any perm or super cookies on my system!

9 hours ago, jbleck said:

u're most likely using the benefits of the cloud :P... your passwords and trusted machines are synced with your google account... best to keep them secure

I only have gmail. Do not use it much and dont use it for bank. (use "real" email account from my ISP) and am sure this is not the case (passwords stored or synced) please read my response to @straycat19 below for more details.

1 hour ago, straycat19 said:

 

It has nothing to do with the bank or its security settings and everything to do with chrome.  Chrome has stored your password to login to the bank  You can find it a couple different ways.  You can point chrome to "chrome://settings/passwords" or find the password management option in advanced settings and find the password.  It also stores encrypted passwords in "%LocalAppData%\Google\Chrome\User Data\Default\Login Data".  This is an encrypted SQL database.  Delete the password for the bank and it will put you right back to where you started, with the bank wanting to verify you.  Obviously at some point in time you told Chrome it was OK to store the password because it does not do it on its own.

OK I need to clarify something here about my password for bank and the straight away log in I spoke of.

I am sure Chrome does NOT store my passwords. I am positive I did not do this. I use KeePass to manage my passwords (never a browser store them!)

AND

Although I said log in "straight away" maybe that was misleading, let me clarify please.

1) When I go to the bank webpage it is just the homepage

2) I click on the "Log In" link at top right corner of page.

3) A dropdown will appear asking for my User Name and Password.

4) I manually enter my User Name and Password.

5) It is at this moment when the bank used to give me the prompt I spoke about (which it does not do any longer)

Quote

"We do not recognize your computer. we need verification that it is really you. We are sending an email to the address on file with a temporary code. Use the code we send you along with your normal log on to access your account(s)."

The bank not only needs you to enter the correct Name and Password but also needs to "recognize" your machine! A double authorization system. 

Now I always thought that the way they "recognized" my machine was cookies stored. The reason I thought this is because like I said I use CCleaner and Privazar to delete these cookies. Like I said in the past even after entering my correct Name and PW the bank would still need to send me a verification code via email to enter on log in page. (Because the bank did NOT "recognize" my machine between visits!!)

BUT NOW:

After doing step #4(above) the bank logs me in "straight away" (Step #5 never happens)(I want step #5 to happen!) Some how the bank now "recognizes" my machine even though I always delete the cookies and such with CCleaner and Privazar between visits.

SO

I am thinking that what @tiliarou or @humble3dis true. Somehow the bank is fringer printing me or that there is some kind of "permanent" or "super" cookie installed on my machine!

 

I need to find out WTF is going on and STOP it from happening. Like I said, I have nothing to hide from the bank, BUT if the bank can do this (recognize me after deleting cookies and even when using a VPN)

17 hours ago, Agent 86 said:

I even tried logging in to bank using VPN with a different IP and still it logs me in straight away! WTF!

 then I assume others could do it too. This is not a good situation for people. Especially like us who u/l and d/l warez! I need to find out wtf is going on and stop it!

Regards

[Sylence]

They might be using Flash cookies to identify you. there are a wide variety of methods websites can use for fingerprinting and uniquely identifying users. also there are cookies that work cross browser. 

run the website on a fresh new VM with a different IP address, if it still doesn't ask you for authentication code then most likely they disabled that feature for your account or for everyone.

[Agent 86]

9 minutes ago, saeed_dc said:

Flash cookies to identify you

I do have flash enabled on Chrome. (It is disabled on other browsers, for security) I only use Chrome for my bank and 1 other site that already has all my info anyways. I will look into to this.

9 minutes ago, saeed_dc said:

they disabled that feature for your account or for everyone.

This may be true but I highly doubt they would disable the double authorization. Anything is possible though. If all else fails I will speak to them about this.

[Sylence]

6 minutes ago, Agent 86 said:

I do have flash enabled on Chrome. (It is disabled on other browsers, for security) I only use Chrome for my bank and 1 other site that already has all my info anyways. I will look into to this.

This may be true but I highly doubt they would disable the double authorization. Anything is possible though. If all else fails I will speak to them about this.

 

yes it's really possible. but try the VM method too, no need to install Windows, you can just grab a live Ubuntu and run it without installation

[Agent 86]

OK I have been doing some testing:
(Ive done all this before while trying to figure this mess out but wanted to re test in order to remember correctly exactly what is going on)

 

I have 3 browsers installed. Chrome, Opera and Firefox. Chrome is the only browser that flash is enabled on.
I have all 3 browsers set the same for cookies. All 3 browsers set to "allow cookies, but no 3rd party cookies" Also all 3 browsers are set to delete cookies when closing the browsers.

When using Chrome, and now Opera too, as soon as I enter my correct Name and PW the bank logs me in. (they "recognize" my machine!)
BUT
When using Firefox after I enter my correct Name and PW I get the prompt I was speaking about! (they do NOT "recognize" my machine!) please see pic

http://s9.postimg.org/d1qz3opwv/2017_07_22_123705.jpg

 

By looking at the pic one can see that they use cookies to Identify my machine!
It can NOT be Flash cookies.(Chrome has Flash enabled, but Opera does not).
Also that the dual authorization is indeed still in place by my bank.

SO.....

Why is Chrome and Opera storing cookies after I close the browsers? I have cookies set to delete after close!
Where the hell are these cookies that Chrome and Opera are storing on my system and refusing to delete?
And why doesnt CCleaner or Privazar find and delete these cookies?

 

Side Note: Notice in pic where it says "phone". I use a computer only to access my bank accounts, never a phone.

[Alpha1BA]

Your browser is sending HTTP authentication to third party sites! could also be cache also your browser has it own generic signature these along with referer, cookies, user agent even system language, browser window size and fonts all help to identify you!

 

 

[straycat19]

Glad you clarified your login procedure.  That helps in trying to find the 'key' for your issue.  If you think it is flash that might be identifying your system to the bank you can run the Flash settings manage from the website.  It is by Adobe but the links points to the original site, it allows you to change the flash settings on your computer.

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

It should look like this

 

 

See if this solves the problem, if not we can move on to something else.

 

But while you are at it, also clear all the junk in Chrome by doing the following

 

Click the Menu button
Click Settings
Click Show advanced settings
Scroll to Privacy
Click Clear browsing data…
Tick Cookies and other site and plug-in data
Tick Cached images and files to ditch your cache
Click Clear browsing data

 

Exit Chrome and restart.  Check your bank login.

 

 

[Agent 86]

@straycat19 It seems I dont have flash installed at all. I forgot that I uninstalled it awhile back. If a site requires Flash I simply dont use it, unless it also works with HTML5. I do have flash enabled on Chrome but since it is no longer installed I think that is a dead end as far as fixing my problem. I tried your other suggestion about clearing browser data, till the end of time, lol, as I have did before, no luck! 

 

This whole thing has got me perplexed! I just may start using Firefox exclusively for my browsing needs. 

On 7/22/2017 at 1:45 PM, Agent 86 said:

When using Firefox after I enter my correct Name and PW I get the prompt I was speaking about! (they do NOT "recognize" my machine!)

 

[Agent 86]

LOL I remember in the 80s, just connecting to the Internet was a complicated deal. But once connected no worries like today. I am too God damn old!!!

[Alpha1BA]

unsure if this addon is available for Chrome? but for Firefox users concerned about LSO's (locally shared objects) there is an addon called "Better Privacy" which deals with this very nicely

[Agent 86]

[SOLVED]