When ABA started the QR thing a couple of years ago, I initially used it quite a bit.

In the meantime though, I have mostly gone back to using the card and cash. Likewise with other banks.

At super markets/larger stores, I find that tapping a card is much faster than using the QR code.
In smaller shops/at markets, I usually pay with cash.

I like ABA's app. Transfers, creating virtual cards, topping up the phone, paying for government services, etc. All good.

But, I really don't want to rely on a phone and the Internet for everything. Beware a single point of failure and potential attack vector for multiple finance apps.

One bank (not in Cambodia) recently posted that using their own keyboard app (not the Android stock kb) to prevent hacking attacks is now mandatory.
That really got me alarmed.

How many finance apps do people now have on their phones?

Money transfer apps, banking apps, BTC wallets, Brokerage accounts, ID, etc. all on a single device? Really?

Then snapping pictures on riverside with that device.

Sounds like a recipe for a lot pain to me.

Spigzy wrote: ↑Fri Mar 15, 2024 2:39 pm Definitely splitting across 2-3 banks is a solid plan, using each for different purposes - I use bank (A) for day to day, bank (B) for credit card online, Bank (C) credit card for retail credit card usage (hotels, flights, etc.)

One other thing is to ensure that anything you pay with on a card is your credit card; a debit card has no business online or at retail, if anyone has the numbers/expiry/CVV for that, they can clear your account out with very low chance of recovery. Credit cards are a different animal and disputing tranactions much easier & refunding much faster. Keep your debit card for ATM usage only.

Re: devices also correct, I only use Bank (A) on my phone, Bank (B) only on my computer, Bank (C) no device at all - if I lose one with all the details, then my problem is at least halved.

Awaits "Bitcoin fixes this!" comment.

Thank you, @Spigzy, very good points and tips.

Possible to-do:

1. Get at least two credit cards, one for online one for offline (and as a a spare if the other one gets compromised and needs to be blocked).

Potential problem for people who reside in Cambodia. Some may not qualify for a CC in their home country.

Potential remedies:

A. Check whether a Cambodian bank will issue CC with similar conditions.
I know ABA, issues CCs to foreigners (at least some), secured by a fixed deposit.
The actual CC account is different from the fixed deposit.
The question is about liability. Does their CC work like a U.S./UK credit card in practice?
If yes->that may be worth getting to follow your outline.

B. If no CC available, how about getting a separate debit card with low limits and a separate account for that card with very limited funds
->If compromised, worst case, the limited amounts in the account could be lost. (Similar to losing a wallet)?
Have a second debit card to be used only for withdrawals.

C. In some countries pre-paid cards are available that can be loaded via a bank account (manually) but are otherwise completely separate.

D. Have a decent amount of cash in addition.


As to bank accounts and the mobile as single point of failure:

I also think most accounts should NOT be on a mobile that is being taken out every couple of minutes to reply to a chat or snap photos or receive calls.

It is crucial to avoid an every-hour-use mobile being a single point of failure.

I know several people who have everything on a single, powerful mobile, such as a new iPhone or Samsung Galaxy.

That might include their Robinhood account, their crypto exchange account, all banks, everything.

Quite a few institutions are mobile only these days.
Potential remedy:
Have one mobile for every-hour use, which is separate from your finance mobile. If you want to pay using your every-hour mobile, only have one account on it.
The other accounts need to be somewhere else. Or at the very least, distribute account amongst two mobiles.

Please all be welcome, to poke holes / improve on this. Or even have completely different ideas.

mi1 wrote: ↑Fri Mar 15, 2024 2:58 pm

yongchi wrote: ↑Fri Mar 15, 2024 2:24 pm Money transfer apps, banking apps, BTC wallets, Brokerage accounts, ID, etc. all on a single device? Really?
Then snapping pictures on riverside with that device.

Even if you lose your phone, it doesn't mean that someone who finds it can access all your accounts. They would still need to know the PIN or a secret word. Overall just follow standard security procedure should be enough (no pin reuse, if device stolen call banks, for really big amount have separate bank account from the one that u use daily, use brain wallet for crypto)

Problems:
For the sake of keeping it simple, let's assume they can't get in and steal your money.
But neither can you access it.

Single point of failure: A mobile that is used every hour for various purposes contains the financial accounts.

Suppose you rely mostly on your mobile for payments; if you don't have backup funds.... (Folks have commented in other threads how they are considering not getting a card anymore.)

You have to notify all institutions whose accounts you have on your mobile. Now you don't even have a mobile anymore.

If you had been trading on your mobile (as many do), you may be losing a bunch of money without anyone stealing it.

At the very least, I would suggest a separate mobile with most of the financial accounts (And I would still have cards and cash.) This phone should not be the one used on Riverside or along the road.

RVN67 wrote: ↑Fri Mar 15, 2024 5:13 pm The "new" cards with the RFID chips can be hacked by a person with a smartphone app from a distance of 10' (3mtrs) from inside your pocket, wallet, purse, bag, etc (Google). I just went through that painful experience in Dalat Vietnam last Dec.

I bought a 15 pcs RFID card sleeves ($6) previously and the only time I took the Visa card out was to tap & pay at a very crowded Jollibees in Dalat, VN. $12.5k in charges in one day through Apple pay, all in increments of $100+-. There were over 35+ charges before it was flagged. Larger amounts get flagged almost immediately so they got smart and kept them small.

BTW, I had only used my Visa three days earlier at my hotel prior to Jollibees on the same day. Next time was in Saigon at a hotel and it was declined.

Now I just use an ATM debit withdrawal here on my bank in the US, deposit whatever amount I want into my ABA savings account at the same terminal and just use ABA pay until it needs replenishment and I don't carry any of my cards while I'm here in PP. I also keep my ABA savings balance low too.

Wow, terrible. 12.5K USD! Noted. Was their any insurance or remedy for you?

That reinforces that if I want to use a debit card, I need to have it associated with a very low-bal account.
For example, risk of losing card or getting it hacked, $300, risk of losing mobile $300.

Questions:
Are these sleeves available in PP?
Are there any cards that don't have this problem?

So you recommend only a single low-balance account on the mobile?

Balance replenished via cash taken out from an ATM with foreign card. Card kept at a safe place.

(I assume you have a second card also in a safe place, just in case).

Sounds like a good plan to me.

I would still have cash, in case mobile payments don't work.

I have set very strict limits according to my needs on my cards. Additionally for online purchases, I use a virtual card for more or less each store exclusively with according restrictions. Once I had iTunes deductions at midnight from the virtual credit card I use only and exclusively for AliExpress. Starting with ±$5, then double each time. At ~$40 the 3 times a day limit kicked in, which they were not aware of, so they continued going back to smaller amounts until they finally gave up. Next day I went to ABA and I had to fill a form & declare that I did not do those payments (I don't even have any i-Device). Then I got told, that they forward this now and the check can take up to 6 weeks. 2 or 3 weeks later I got the amount back to my account. So it is wrong, that you don't get back your money on debit cards, but I agree that it might be a bit more difficult than with a credit card