Alliant Credit Union

scanchain · August 1, 2022, 11:35am

Alliant Savings 1.2% → 1.4%

onenote · August 8, 2022, 5:56pm

At my latest login, Aliant wants me to sign an electronic transaction agreement where I agree to use their smartphone app. I do not do financial transactions on my cell phone so I refused to sign the form. It looks like they are going to freeze my account. I only have a few hundred dollars in my accounts so it is time to end a long relationship.

I checked their CD rates and they seem to be lower than comparable term T-bills and their savings account interest rate is lower than my Vanguard money market account.

I have a Bank of America premium rewards credit card that has a higher rebate than theirs.

Sayonara Alliant.

glitch99 · August 8, 2022, 6:49pm

Is it an agreement that leave you only able to use the smartphone app? Or is it just to give you the option of using the app?

onenote · August 8, 2022, 9:22pm

Here is the agreement. I do not want to have even the option of the cellphone app as that gives an attack method for a hacker to install the app on his phone and register it to my account.

—-

Electronic Signature and Consent to Conduct Business Electronically

By continuing with this application, you consent to conduct business electronically regarding membership in Alliant Credit Union and the opening of account(s) within that membership.

Technical Requirements
To use this process to open your account(s) and to access and retain electronic records via the Alliant Mobile Banking App, you will need:

The latest version of the Alliant Mobile Banking App.
The latest version of the iOS or Android operating system is recommended; only operating systems and devices which are still receiving security updates are supported.
Due to the wide range of Android devices, please see https://www.alliantcreditunion.org/credit-union-benefits/credit-union-mobile-banking for a list of supported devices.
Access to the Google Play Store or Apple App Store with your region set to the United States.
Software that can accurately read and display PDF files (such as Adobe Acrobat Reader).
To use this process to open your account(s) and to access and retain electronic records via any other electronic device, you will need:
The latest version of Microsoft Edge, Firefox, Safari, or Chrome. In general, we support the latest version of these browsers. For older versions, the experience may not be optimized.
If you wish to print or keep copies of the records, you must also have access to a printer and/or the ability to download and store the documents provided.
Software that accurately reads and displays PDF files (such as Adobe Acrobat Reader).

Paper Copies of Electronic Records
If at any time you wish to obtain a free copy of your electronic signature and consent to open account(s) and enrollment agreement, you may print or email the agreements using the options provided, or contact Alliant by calling 800-328-1935.

Non-Acceptance
If you do not provide your electronic signature and consent to conduct business electronically, your account will be unable to be opened.

Notices of Address, Phone, Name or Email
Changes to Name, Address and Account Holder. You are responsible for notifying us of any address change (both physical and email), phone number change (both mobile and landline), name change or death of an account holder. Notices must be in a form and manner acceptable to us with enough information to allow us to identify the account. Alliant is only required to attempt to communicate with you at the most recent address, email address or phone number you have provided to us. We accept a change over the phone, in writing (email is not accepted) or electronically through our website. If you fail to provide us with your new address, we may update your address using information provided by the United States Postal Service. Name changes must be requested in writing with documented proof of legal name change.

Notice of Amendments
Except as prohibited by applicable law, we may change the terms of this Agreement. We will notify you of any changes in terms, rates, or fees as required by law. We reserve the right to waive any term in this Agreement. Any such waiver shall not affect our right to future enforcement.

Effect of Notice
Any written or electronic notice you give us is effective when we receive it. Any written notice we give to you is effective when it is deposited in the U.S. Mail, postage prepaid and addressed to you at your statement mailing address. Any electronic notice we give to you is effective when it is sent to the email address we have on file. Notice to any account owner is considered notice to all account owners.

Applicability
By electronic signature, you consent to the electronic delivery of all disclosures, agreements, change notices, tax forms, terms and conditions and any other document required during the course of your relationship with Alliant.

Withdrawing Consent
You have the right to withdraw your consent to conduct business electronically. If you select this option, your access to electronic banking will be terminated. You may withdraw your consent by contacting Alliant at 800-328-1935.

Electronic Account Statements
As part of your membership, you will automatically receive free electronic account statements. You may, however, elect to switch to paper statements within your online banking preferences. Refer to Alliant’s Fee Schedule for applicable paper statement fee.

You further acknowledge that by accepting this agreement, you will have access to your authorized Alliant accounts through all electronic means offered by Alliant. You understand and agree that Alliant may restrict and/or terminate your access to any electronic services at any time where we reasonably deem it necessary to prevent a loss to us; if you do not pay any fee when required; you do not comply with the agreement governing your deposit or loan accounts; or your account(s) are not maintained in good standing. By consenting to this agreement, you understand that you are applying for current and future electronic services that may be offered by Alliant. You agree and understand that if approved for membership, you are contractually liable according to the applicable terms of the Alliant Account Agreement and Disclosures, the Fee Schedule, and all associated terms and amendments Alliant makes as applicable.

The information contained in this e-mail and any accompanying documents may contain information that is confidential or otherwise protected from disclosure. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message, including any attachments. Any dissemination, distribution or other use of the contents of this message by anyone other than the intended recipient is strictly prohibited.*

onenote · August 8, 2022, 9:30pm

I realize that other financial institutions I deal with have the option of using a cell phone app but with those I sign a form like this if I want to use the app. Aliant seems to want me to give permission for the app to do any kind of electronic banking with them.

As I mentioned, I’m not getting much benefit from Alliant so it’s not worth the hassle to me to try to straighten this out.

scripta · August 8, 2022, 9:37pm

I don’t see any problem in the agreement, except perhaps you either misquoted it or there’s a missing or broken paragraph in the HTML. Here’s what it would look like if properly formatted, emphasis added for clarity:

To use this process to open your account(s) and to access and retain electronic records via the Alliant Mobile Banking App, you will need:

The latest version of the Alliant Mobile Banking App.
The latest version of the iOS or Android operating system is recommended; only operating systems and devices which are still receiving security updates are supported.
Due to the wide range of Android devices, please see https://www.alliantcreditunion.org/credit-union-benefits/credit-union-mobile-banking for a list of supported devices.
Access to the Google Play Store or Apple App Store with your region set to the United States.
Software that can accurately read and display PDF files (such as Adobe Acrobat Reader).

To use this process to open your account(s) and to access and retain electronic records via any other electronic device, you will need:

The latest version of Microsoft Edge, Firefox, Safari, or Chrome. In general, we support the latest version of these browsers. For older versions, the experience may not be optimized.
If you wish to print or keep copies of the records, you must also have access to a printer and/or the ability to download and store the documents provided.
Software that accurately reads and displays PDF files (such as Adobe Acrobat Reader).

onenote · August 8, 2022, 9:51pm

I requested that they email the application to me and this is a direct copy and paste from the email.
Edit. If you have an account with them they will probably present this form to you the next time you log in.

As they say on the Internet IANAL but here’s the part that bothers me. I read it as requiring the cell phone app to do electronic business with them. I read these electronic consents pretty carefully and I have not seen any other financial institution requiring me to give permission for the app to do business with them. Maybe in the future they may provide a big benefit that I want and I will deal with this but for now there is not enough benefit so I will just close my account.

By continuing with this application, you consent to conduct business electronically regarding membership in Alliant Credit Union and the opening of account(s) within that membership.

Technical Requirements
To use this process to open your account(s) and to access and retain electronic records via the Alliant Mobile Banking App, you will need:

The latest version of the Alliant Mobile Banking App.

scripta · August 8, 2022, 9:56pm

Read my post again. The “technical requirements” section gives you two options, one with app and one “via any other electronic device”. You don’t need to be a lawyer to see this.

onenote · August 8, 2022, 9:57pm

I did read your post and the application. I do not agree with you.

scripta · August 8, 2022, 9:57pm

I literally took what you posted and made the second option look like a separate paragraph instead of making it look like it belongs to the bullet point that precedes it. They’re obviously not the same item. They’re even visibly not in the same paragraph. Obviously you can do what you want and believe whatever you want to believe, I’m just making it clear to others what the agreement actually states. I also do not use their app.

Here’s the actual document as a PDF, where you can clearly see that what I wrote above is true: https://www.alliantcreditunion.org/images/uploads/files/eSignDisclosure.pdf

Maybe your email client is broken, or maybe whoever sent you the email did a poor copy-paste job.

onenote · August 8, 2022, 11:10pm

I stand behind what I wrote. The application gives permission to both cell phone app and browser access.

scripta · August 8, 2022, 11:51pm

OK, I understand now. But I think you misunderstand how that actually works. For all intents and purposes the phone app works the same as a browser. Any “hacker” would need your Alliant username and password to sign in, or access to your second factor (like email account) to obtain your username and reset your password. Any such “hacker” is more likely to use a bigger computer than a phone.

Further, I think you’ll have this problem with every other financial institution. Do you know any that allow customers to block phone apps while allowing browser access?

onenote · August 9, 2022, 1:41am

I looked into it and it turns out that both Fidelity and Schwab, where I have accounts, have cell phone apps.

Doh!

I certainly do not recall giving permission to access the accounts through an app. An app seems to me to be a lot less secure than using a browser on a desktop computer with two factor authentication.

I’m going to look into it to see what the access restrictions are on my brokerage accounts.

glitch99 · August 9, 2022, 1:44am

You do realize that even if you don’t give permission, a hacker can still agree to the agreement for you anyways.

onenote · August 9, 2022, 1:50am

First, they would have to gain access to my account with my user ID and password and two factor authentication.

I think.

What are the conditions for a hacker to register a cell phone app to my account directly from a cell phone?

sullim4 · August 9, 2022, 1:55am

Short of using smaller banks and credit unions, almost all major financial institutions have mobile apps.

It isn’t. Every banking app I have used has required some form of two factor authentication - either Face ID, Touch ID, SMS message code, or a PIN in addition to your username and password. Your cell phone also has location information available, and oftentimes banks will require that the first time you register the device, that you do so from the registered address on your account.

Many (if not the vast majority) of mobile apps use the same APIs as their web counterparts to get an auth token, balance information, initiate transfers, etc.

I would be a lot more worried about personal check use (where your account number is visible for all to see), or debit card fraud. Either of those two are significantly more likely, and far more profitable, for a thief to use as a vehicle to steal from you.

glitch99 · August 9, 2022, 2:21am

Without which the app is equally useless to them…

onenote · August 9, 2022, 2:34am

To each his own. I will not be using a cell phone app to access my account so I’d like to close out that possible way to break into it. I’ll look into it with Fidelity and Schwab.

scripta · August 9, 2022, 3:41am

That makes no sense. The app can still ask for the second factor, except in some cases if you give the app the permission to read your SMS and the phone number provided for 2FA is the number on your mobile phone, then the app can authenticate without user interaction. The browser also shouldn’t ask for 2FA each time you login, because it can save a cookie in your browser. The app kind-of does the same thing – saves a cookie. You can clear the app cache just as you can clear browser cookies if you so desire.

Besides, desktop computers with browsers have historically been much more prone to being hacked than mobile phones, so a phone app is actually more secure (assuming it’s well-written). Also assuming that it gives you the option to log out of your account. Cause if you stay logged in and someone steals your phone and is able to unlock it, then that’s just as bad as someone gaining full access to your desktop browser with all its cookies or passwords saved.

Bottom line, unless you can demonstrate otherwise, your assumptions about security are reversed. And you might have to close all of your FI accounts.

onenote · August 9, 2022, 4:24am

LOL

So you think that a device that I carry in my pocket and can easily be lost or stolen is more secure than a device that’s locked into my home? I realize the vulnerability of desktop computers so I set aside a computer that I use only to access financial websites. No email or web surfing. It is isolated from my home network. Edit. Obviously that’s not all I do. I also keep the operating system and all the applications updated to the latest versions. I use the built-in Windows 10 antivirus software to scan the disk periodically.

Most brokers have a stated a policy of guaranteeing customers from electronic fraud, I know the policy applies to desktop computers provided the customer does their part in not being negligent, reviewing accounts, and reporting any suspicious activity promptly. If you read them it’s clear that they are aimed at desktop computers. Is there a comparable policy for fraud on cellphone apps?

As a service to the community here are links to the fraud policies of various large brokers

Vanguard,

Fidelity,

Schwab,

E-Trade

Merrill Edge

TD Ameritrade