WLAN

Whether at home, at work or in a public space: Today you can go online just about any­where and at any time. This often involves the use of a WLAN.

Pro­tect your­self by...

  • only making lim­ited use of unknown WLANs or avoiding them alto­gether, if at all pos­sible.
  • not using public WLANs for e-banking and gen­er­ally never trans­fer­ring any con­fi­den­tial data this way.
  • when­ever pos­sible only con­necting to encrypted WLANs.
  • using a cur­rent encryp­tion method (WPA) with a strong pass­word for your own access point.

Oper­ating prin­ciple

Using wire­less tech­nology, WLANs offer an extremely flex­ible, con­ve­nient way of con­necting to a net­work and the Internet via a mobile device, without the need to worry about annoying cables. For mobile devices, such as tablets, it is often the only way to con­nect to the net­work anyway. This type of con­nec­tion is also fre­quently acti­vated on smart­phones.

How­ever, using and oper­ating such wire­less net­works also has some inherent risks which many people are not even aware of.

Using WLAN securely

Apply a “healthy” dose of sus­pi­cion when using an unknown WLAN.

If at all pos­sible, con­nect only to encrypted WLANs (WPA2 or WPA3).

Don’t use public wire­less net­works for e-banking, and don’t transfer any con­fi­den­tial data across them, for instance via “hotspots” in public spaces (towns, sta­tions, etc.) or hotels.

Use end-to-end encryp­tion for any con­fi­den­tial data, no matter which type of trans­mis­sion tech­nology you choose.

If pos­sible, deac­ti­vate the “con­nect auto­mat­i­cally” func­tion for unknown and unpro­tected WLANs on your mobile devices.

Oper­ating WLAN securely

Acti­vate a strong type of encryp­tion, at least WPA, or even better WPA2 or WPA3, and make sure you use a strong net­work key and pass­word.

Change the net­work SSID if it con­tains the name of a person, such as a family name, or any infor­ma­tion on the router, e.g. its type.

Replace the fac­tory-set router pass­words with your own, strong ones.

Acti­vate the MAC filter.

If pos­sible, reduce the trans­mis­sion power of your WLAN router and switch it off if you don’t need your local wire­less net­work.

You should also take appro­priate pre­cau­tions if you are run­ning your own hot spots on your mobile phone, to pre­vent any abuse of your mobile Internet con­nec­tion.

WLAN stands for Wire­less Local Area Net­work. This method of com­mu­ni­cating wire­lessly is extremely flex­ible, con­ve­nient and there­fore widely in use today.

How­ever, using and oper­ating WLANs also has some inherent risks. You can make them con­sid­er­ably more secure with a few suit­able mea­sures.

Fur­ther infor­ma­tion for those inter­ested

WLAN struc­ture

The cen­tral com­po­nent of a WLAN is the access point. It is the link between the air inter­face and the mobile devices on the one hand and the cable-con­nected net­work and the Internet on the other. The access point “gen­er­ates” the WLAN by sending out radio sig­nals into all direc­tions via its aerials.

So that devices can “see” the WLAN, the access point usu­ally trans­mits a net­work ID - the so-called SSID (Ser­vice Set Iden­ti­fier). Users can dif­fer­en­tiate between all WLANs avail­able in a loca­tion and select their required con­nec­tion.

Encryp­tion

The use of wire­less trans­mis­sion has the draw­back that it is rel­a­tively easy to read out any data trans­mitted. Gen­er­ally any device inside the trans­mis­sion range of a WLAN catches all the data traffic. For this reason, the con­nec­tion between mobile devices and access point should be encrypted. And although you cannot pre­vent com­mu­ni­ca­tions being read out, nobody can then do any­thing much with them.

There are dif­ferent methods of encryp­tion:

  • WEP
    Wired Equiv­a­lent Pri­vacy was the first encryp­tion pro­tocol used as stan­dard in WLANs. Mean­while, this is also con­sid­ered inse­cure and is rel­a­tively easy to hack. You should there­fore no longer use this type.
  • WPA
    WiFi Pro­tected Access is an advanced form of the WEP pro­tocol. Improved secu­rity mech­a­nisms ensure better pro­tec­tion. For instance, net­work par­tic­i­pant authen­tifi­ca­tion was improved, and dynamic keys for trans­mis­sion were intro­duced.
  • WPA2
    WPA2 is built on WPA, but uses the strong AES algo­rithm for encrypting data trans­mitted.
  • WPA3
    WPA is cur­rently the latest encryp­tion stan­dard for wire­less net­works. In par­tic­ular, attacks on encryp­tion pass­words are made con­sid­er­ably more dif­fi­cult when com­pared to WPA2.

When­ever pos­sible, you should now only ever use WPA2, or where avail­able, WPA3 in WLANs. You must choose a suf­fi­ciently strong Pre­shared Key, i.e. the pass­word to the net­work. It should at least be 16 char­ac­ters long and have all the char­ac­ter­is­tics of a strong pass­word.

In this regard, you should also note that this only pro­tects the dis­tance between the ter­minal and the access point. This encryp­tion ends at the access point, so that from here on onwards, data will once again be trans­mitted in an unpro­tected manner. Regard­less of the trans­mis­sion tech­nology, con­fi­den­tial con­tents should always be encrypted end-to-end by the chosen trans­mis­sion tech­nology, e. g. when surfing the Internet or when e-banking, with a TLS/SSL encryp­tion (https, lock symbol).

MAC filter

Every net­work device has a MAC address, i.e. all mobile ter­mi­nals too. This always acts as a unique iden­ti­fier. Access points offer the option of using a MAC filter. This means only reg­is­tered mobile devices with a known MAC address are per­mitted to access the net­work.

How­ever, a device MAC address is not tamper-proof. With the right tools, an autho­rised MAC address can be faked, thus cir­cum­venting this filter. How­ever, the MAC filter option should still be used, even if it just serves to erect another bar­rier against poten­tial attackers.

What else would you like to learn about security when e-banking?

Reg­ister for a course now
and learn more:

Basic courses

This basic course will point out cur­rent threats on the Internet and con­veys mea­sures as to how you can pro­tect your­self by taking some simple mea­sures.

fur­ther infor­ma­tion

Prac­tical courses

Learn and prac­tice the most impor­tant mea­sures for your com­puter and e-banking secu­rity on com­puters pro­vided by us.

fur­ther infor­ma­tion

Send this to a friend