Synonymous with security on the net, VPN (Virtual Private Network) convey the idea that they are essential for carrying out a bank transaction during an online purchase. Is a VPN essential for spending securely?

In this troubled period of confinement, it is very practical to be able to carry out, while there is still time, some purchases on the Internet. But if the SARS-CoV-2 virus is sweeping the planet, should we fear data piracy during transactions on the Internet, and should we absolutely use a VPN to protect it? As often, the answer must be nuanced and several cases can arise.

At home

If you run your shopping quietly installed in your sofa from a wired or Wi-Fi connection, the risks involved in your transactions are very low as long as you use a recent browser and a connection with the merchant site or the bank in HTTPS mode. In this case, it is the S that is important, because it means that your browser communicates with the website using the SSL / TLS encryption protocol. Your data therefore does not pass unencrypted on the network and is rendered incomprehensible if you do not have all the elements to decrypt the information.

VPN

In addition, when establishing an HTTPS connection, your browser verifies the identity of the website it accesses, using an authentication certificate issued by a third-party and normally reliable authority. So, when you connect to the server of a merchant site declared to this authority, your browser ensures that it connects to the correct server.

Be careful however, the practically generalized transition to the secure HTTPS protocol does not protect you from phishing, or fishing in English. This hacking technique consists in redirecting you, via an email or a fraudulent link, to a counterfeit of a merchant or banking site. By connecting to these bogus sites and leaving passwords or sensitive information, you are feeding the hacker database without your knowledge. False sites can perfectly have an authentication certificate, and therefore communicate with you securely. A VPN won’t protect you further from these illicit systems.

From abroad

Conversely, if you live for a few days abroad, a VPN can quickly prove essential to make purchases while being virtually in France, and thus not put all the surveillance systems of your bank on alert. In addition, you may be tempted to use open or secure Wi-Fi networks to limit the sometimes expensive 4G connections abroad. And this is the main danger.

From a public Wi-Fi network

In fact, public Wi-Fi networkshotspot ), mainly open networks and which therefore require no password to connect, do not encrypt the data transferred. They are veritable testing laboratories for budding pirates, but also more seasoned robbers. They are therefore to be proscribed or used while taking all the usual precautions, in particular the encryption of data by a VPN.

Other secure public wireless networks require a password to connect. These are those generally offered in hotels, rented rooms or restaurants. The connections are encrypted here, but the risk of data hijacking is real, especially with programs that do not use an Internet browser, such as an application, mail software or FTP. Prefer therefore an HTTPS connection via your browser to minimize the risks and use a VPN to encrypt all outgoing communications from your computer or smartphone.

Finally

During confinement, you probably won’t have the opportunity to connect to a public Wi-Fi network. At home, with a wired connection or a secure Wi-Fi network, you have no advantage in using a VPN service to protect your online purchases. The main risks come from public Wi-Fi for which the use of a VPN is strongly recommended. In general, here are our recommendations.

  • Do not let your smartphone automatically connect to open Wi-Fi networks and prefer 3 / 4G connections.
  • Avoid connecting to an open Wi-Fi network and, failing this, imperatively use a VPN.
  • Prefer public Wi-Fi secured by a password and surf on sites in HTTPS mode.
  • Avoid connecting to your online bank or making online purchases from a public network, even a secure one.
  • Prefer the use of a VPN when connecting to a public Wi-Fi, even secure.
  • Protect your home Wi-Fi network with a password and encryption (WPA or WPA2).
  • Check the links and emails.