Online Banking with GNOME Web Epiphany Browser

Hello,

Do any of you know specifically what settings I would have to change in the Epiphany browser in order for the online bill pay feature with my bank to work?

Or is online bill pay in general security compromised to the point that I’m defeating the purpose trying to enable my L14 for this?

Epiphany is very basic and limiting. Most banks tend to add “security” requirements to their websites like some forms of java. You prolly would have better luck with LibreWolf which can be install from your software package or here,

https://librewolf.net/

You sly dog you. Figuring out the answer to your own question. Within the browser you have to go to Prefereces, click the Privacy tab, then unselect the slider that says:

Screenshot from 2021-12-11 02-32-33

Intelligent Tracking Prevention

Then when you’re done with the transaction just hit the slider again to turn the feature back on.

:boom:

2 Likes

Thanks for the note on this other browser. I’ll have to give it a shot. Though I did have a small victory (see my response to myself - it’s late and self conversation made sense at the time) I have to celebrate when I can… even if it’s only a button click.

1 Like

My bank forbids some browsers or forbids even Firefox if the version is too old.

1 Like

It seems to me that there’s something very, very wrong with the privacy model when your own bank says you must enable tracking and third-party cookies.

3 Likes

I know… sad. This is even a local credit union too. You’d think they’d have different sensibilities than the mega-corporation banks they supposedly want to persuade people away from.

2 Likes

You could participate monthly or quarterly committee meetings to bring that up. My credit union is open to all members for committee meetings. Contact your credit union about that. Maybe there are some Google dweebs who are also members of your credit union that you need to argue against at committee meetings.

Find out who their web developers, background, any possible connections with Google, Microsoft, etc who have a goal for your banking website being inaccessible to Firefox, other browsers, even Linux users than Chrome and Edge. You could always switch to different local credit unions if your bank turns out to be completely inepted.

1 Like

In situations like this, it’s vital to complain… loudly, publicly, and convincingly. Businesses and organizations need to stop this habit of steering people deeper and deeper into privacy-invasive tech.

I know we have our work cut out for us, sadly. (P.S. For the non-native English speakers, that means the work will be very difficult.)

1 Like

It tells you what their real interest is; making money with your data not protecting you and your assets.

2 Likes

Or they outsource something like identity management so as to limit their liability in the case of a breach. It would take looking at what their policies say as well as what those cookies are to confirm one way or another.

I’m not saying what the specifics are in this case nor that no bank is harvesting your data, just that there are many different reasons that this could come up and not all of them are nefarious.

3 Likes

Having to disable tracking prevention around each use of a web site is not very convenient.

This is an argument for using multiple browsers or multiple profiles within one browser or both.

A more flexible browser might allow you to make exceptions for specific web sites regarding particular security or privacy options e.g. you do intelligent tracking prevention on all web sites except your credit union.

More advanced users, which might not be you, would use Virtual Machines for even more extreme isolation of low importance / low trust web sites from high importance web sites (such as those that allow access to your cash). You would need plenty of RAM for that e.g. 16 GB minimum, at a rough estimate.

You should complain at your credit union. At the very least you should point out to them that having to allow tracking in order to use particular functionality is a shoddy trade-off.

You should ask for a better error message. I hate error messages that say “it could be ‘a’ or ‘b’ or ‘c’” if the web site / the software knows which one it actually is. Ideally it would give you the cookie details that caused the problem i.e. name of the cookie and the associated domain name.

I assume the problem is not “block third party cookies” because Google has already announced that its dominant Chrome browser will completely block third party cookies (a change now delayed until 2023, admittedly). In other words, if that is the problem then your credit union’s web site is going to stop working for the majority of customers.

This kind of situation doesn’t necessarily arise maliciously.

To get a web site or part thereof up and running quickly, many developers use off-the-shelf components. Those components may unfortunately come with in-built spying. Alternatively, part of the web site might be outsourced.