As most of money in the world is digital anyways, Why can’t people fake transactions to a Bank account or just add one or two zeros to the balance? What makes online banking so safe that this doesnt work?
Most of even well guarded things have been hacked in the past, so i would imagine it’s at least possible?
In: Technology
You can’t just “create” money in an account without a paper trail saying where it came from.
The bank balance doesn’t exist on its own. Rather, banks operate a ledger system, and the balance is calculated off of that.
A ledger is a record of all transactions in and out of an account.
Imagine I give my kid a small allowance, but I let them “deposit” money with me for safe keeping. We track the balance in handwritten “bank book”.
He deposits $10, so we write in “$10 deposited” and I initial it. Next to it, we update the balance to $10. Repeat that next week. We write “$10 deposited”, I initial it, and the balance updates to $20.
He gets clever, and thinks “I want to buy a PS5, but I’d need $500 for that. Maybe I can trick dad into thinking I have $500.” He steals the bank book, and updates the balance to $500, then sneaks it back into the drawer.
The next day he asks to withdraw $500 to buy a PS5. I say “Hah, sure bud lets check your bank balance.” I open the ledger and surprise, it says $500 balance.
The ledger though says $10 deposited, $10 deposited. Should only add up to $20. I make the correction, and ground him for fraud.
He can change the balance all he wants, but the ledger is what matters. The ledger needs to be updated too.
This expands the question: What if he writes in $480 deposited and forges my initials?
Well jokes on him, because the book is only one copy of the ledger. I have a digital copy too, and it only shows $10 deposited twice. Ledgers don’t match, so I do a little audit, realize I definitely don’t have $480 of misplaced cash, and he’s just as grounded.
What if he knows about the digital ledger and forges that as well?
As part of my audit, I’m checking the write history of the ledger. I know who accessed the file and when it was updated, and I can confirm that it wasn’t an authorized access to the ledger. Lets tack an unauthorized access charge onto his grounding, an extra week.
One more step: What if he’s an actual hacker, and manages to update the digital copy of the record in a way that says it was updated by me with my phone while the phone was in my possession. This is the beauty of ledgers: The money has to come from and/or go somewhere, which means the transaction has to agree with their ledger too.
If my son truly deposited $480, then that means there’s either $480 of misplaced cash somewhere in the home, OR I deposited the cash into my bank account, and the ledger there would confirm it. I check my bank transactions and see no deposits. I check my wife’s just in case. No evidence of the other side of this $480 transaction. So together we turn over all the couch cushions and sock drawers in the home looking for the $480 my son supposedly deposited. Much in the same way that you’d expect a bank to check an ATM after it ate your deposit.
We find nothing. No evidence that my son ever gave us $480 to deposit into his bank account. Now he’s super grounded, and he’s cleaning up the mess we made searching the home to boot.
This is the power of ledgers for financial transactions. Even if you managed to hack your account and add a few zeros, the bank ledger(s) need to match, so you need to fake a transaction. That ledger is backed up in multiple digital locations, so you need to update them all, and finally the ledger needs to agree with the ledger of the institution that supposedly sent the money, along with a corresponding bank account balance that the money is supposedly coming from.
At that point, all you’re really doing is stealing money in the hardest, most complicated way possible.
Latest Answers