I think I’ve found it, The Best Checking Account for Mortals!
After recently trying out two checking accounts due to “bonus” offers, I started a search for the best checking account. Ideally, it would pay a decent interest rate, have no monthly fee, and offer free checks.
There are lots of Rewards checking accounts out there. These pay an interest rate that’s usually greater than 1%, with the highest I’ve seen being around 3%. These usually have a limit on how the amount of your balance they will pay this premium rate, like $5000, etc. They have some tough requirements you have to meet, though. Many of them require 10 or more debit card transactions per month, direct deposit, electronic statements, etc. If you don’t meet those requirements, you end up with a tiny interest rate.
My problem is with the debit card transactions. To do 10 transactions per month consistently, I’d need to take my debit card with me just about everywhere. That would mean walking around with a card that has access to as much as 15K on it. And since it’s a debit card, it could be stolen and used as credit by the thief. Then, I’d have to work with my bank to get my own money back. That’s a hassle I don’t ever want to go through. At most, you could earn $450 per year with this account ($15K at 3%). While this is a decent return (by today’s banking standards, at least), it’s not worth the risk to me.
What I’m terming The Best Checking Account for Mortals is sort of a Rewards account, but the requirements are quite livable. Basically, you do a $1500 direct deposit into the account each month, and they pay you $10. Pay two bill payments through their online banking portal, and they pay you another $10. That’s it. These two $10 payments are deposited into your linked savings account. This isn’t a promotional offer, it’s good as long as they are offering this account.
So, let’s see if it meets my three criteria:
Decent interest rate:
For illustration purposes, lets say you have an average daily balance of $3K in your checking account throughout the year. With this account, you’d earn $240. A return of $240 per year on a $3K balance works out to 8%, which is not bad at all. That falls well within my “decent interest rate” criteria.
No monthly fee:
It has a monthly $10 fee, but it’s waived if you have a $1500/month direct deposit (which earns $10, so I’m definitely doing it), so nothing to complain about there.
The only real strike against it is that the only free checks it includes are the initial batch of 200. That’s probably enough checks to last the average person at least a year, if not several years. Personally, I only write one or two checks a month as “incidental” things come up, so this could last me 10 years or more.
So, it meets
Who offers this amazing Checking account? Santander Bank.
I signed up last Sunday night. They use Equifax, and couldn’t validate my identity because I keep a credit freeze in place, but I lifted it and they were able to open my account on Monday. They require a $25 deposit to open the account. When opening it, you get a linked Savings account too, but they waive the deposit requirement for that account.
About a week later, I received the debit card, PIN number, 200 checks, and my username and initial password to online banking. This all came in about 3 or 4 different envelopes. Keep the debit card and PIN handy, as it is needed to add new payees to online bill pay. This is a security measure so that, in the event your online banking account gets compromised, the attacker can’t “bill pay” with your money.
They use a security system put out by RSA, I believe. It’s the same system that Barclays uses, as well as one other bank I’ve used in the past. It involves a two stage login, where you put your username in on one page, then are shown an image and phrase (that you selected when initially logging into bill pay). If the image and phrase match what you expect, you can put your password, and away you go. This is to keep people from putting up a fake website that looks like Santander’s site, to fool users into giving away their login credentials.
Once logged in, the online banking is basically the same as you’d find at most major banks. You can see all of your accounts (including credit card, if you got one), account history, and schedule bill payments very similar to other systems I’ve used before. They have an iPhone app as well.
You can link your checking account to external accounts, but there is one minor issue. You can transfer money out of the account through Santander’s online banking, but can’t pull money from linked accounts. So, to get money into the account from another, you need to transfer it out of the source account.
Last night, from my Discover Checking account I set up a transfer to my Santander account. To my surprise, this morning it showed up (and was immediately available) in my Santander account.
I’ve set up my paycheck so that a portion of it is deposited in this account every two weeks. One thing I’ve noticed is that my credit union shows my direct deposit a day earlier than either Chase or Discover bank. I’m very interested to see if it shows up a day early with Santander also, since the Discover deposit showed up so quickly.
I’ve set up three payees and scheduled a few payments so far. Everything seems to be working as expected.
It happened to me, I realized today.
Until launch of the iPhone 6, I was the happy owner of an iPhone 5S. My wife inherited it, so I’ve occasionally used it in the past few months, mostly when something wasn’t quite working right.
Tonight, I wanted to test something on my wife’s iPhone. I picked it up, looked at it, and paused. There was my old phone, still wearing the case that had held it for the last year, but it seemed alien. The screen seemed so much smaller. Confused thoughts went through my head. Something that I was so comfortable using just a few months ago suddenly seemed foreign.
Having this moment has made it clear to me why Apple had to shift to this new size. Most high-end Android phones for the last several years have had significantly larger screen sizes than iPhones. Once you have become acclimated to the larger size, using a smaller phone just doesn’t feel right.
Soon after I started budgeting, I noticed some bonuses entering my life. Most of these bonuses are in the category of psychological.
Let me explain:
More Secure: Within 6 months of starting my budget, I had put aside around $1500 in an emergency fund. While that’s a very small emergency fund, it is enough to keep me from getting stressed about the little things that come up from time to time. It has already come in handy on at least two occasions where I would have usually had to whip out a credit card and then run a balance for a while.
Less Stress Making Payments: In the past, I would try to schedule my bill payments so they would be on-time, or perhaps a day or so early. Now that I’m budgeting, I typically pay them as soon as I get them. As an example, I typically get my cell phone bill a few days before the end of the month, due around the 21st of the following month. I usually pay it around the 1st, weeks ahead of the due date, but in the month that the bill is for. By paying quickly, the bills are off my plate, less for me to worry about.
Less Stressing about Missed Bills: In my pre-budgeting life, I occasionally forgot to pay some regularly monthly bills, like cable or cell phone. The bill would get misplaced, or something along those lines. With a budget, I have line items for each regular monthly bill. I can just look at the budget and see that I have money left in the Cable category this month, telling me that I haven’t paid that bill yet.
Less Stress about Job Stability: Sure, I could still lose my job, and it would be a very stressful situation. Since I started budgeting though, I’ve gotten to be “fully buffered”, whereby the money I earn this month is for next month’s expenses. My pre-budget self would be in deep…. trouble…. If I lost my job. I’d have bills coming due within days that I had no way to pay. My post-budget self would still be in trouble, but it wouldn’t be nearly as urgent. I’d most likely have 4 weeks from my buffer, plus another couple of weeks from my emergency fund before I’d run out of cash. If push came to shove, I’d be able to stretch that out longer by moving money from my car replacement category, etc. It would still be very bad to lose my job, but it would be much less stressful.
More Confident about Major Financial Decisions: I started budgeting because my oldest daughter (still living with me) was about to attend a very poorly performing public high school. My wife and I wanted to send her to a private school, but it was essentially impossible due to the high cost and our monthly expenses and debt. After budgeting for a year while sending three children to a private K-8 school, I was able to forecast things pretty closely to reality. My 8th grader was graduating that school, and I was able to enroll my oldest two in private high school, while keeping my youngest two at the private K-8 school. Remember that I didn’t know what the incidental expenses would be for private high school, but I felt confident that we’d be able to make it. We are almost half way through the year now and I’m in the process of saving up for next years application fees. When it comes time to reapply, I expect to have all the fees already saved up.
A Note about my Credit Card Past & Now: Pre-budget, I was not great with credit cards, running balances month after month. Soon after I began budgeting, I saw them in a new light. They are now a secure and convenient way to pay. No worries about my checking account getting sucked dry (can happen with debit cards), and no worries about ordering things on-line that never show up (if that happens, just call the CC company). Now, I charge on my credit card and schedule a payment within a couple of days (once it clears my card). Since I’m budgeting, the money has already been set aside for the purchase. The fact that I’m paying with a credit card is incidental. It’s just a payment method. The money moves from my checking within a couple of days, the same as it would if I had written a check.
This Budgeting Bonus is paid in Cash! Just tonight, I realized another bonus that budgeting empowers me to do, even though I started doing it about a month ago. Because I budget and I’m fully buffered, I have freedom that I didn’t have before. I can now take advantage of promotions various banks are offering. It started with me getting offers in the mail, but now I’m actively looking for special promotions to make money.
Many banks are now offering promotions where you earn cash for getting accounts with them. There will usually be some strings, such as a monthly fee on the account, unless you do $X per month in direct deposit to the account. In addition, many credit cards are offering bonus cash when you spend $X during your first 3 months.
For the bank account promotions, that is generally true income, deposited right in your account. You can then budget that money to whatever spending category you wish.
With credit cards, the rewards are usually statement credits, which (on the surface) is less exciting. But, if you are using your credit card to spend money that’s already in your budget, a statement credit is effectively income too!
Brand new in version 6.1 is the ability to log several HTTP Headers. To enable this, turn it on in your URL Filtering Profile under Settings. There, you can check the User-Agent, Referrer, and X-Forwarded-For headers. When you have a policy using that profile, you can see these new headers by going to Monitor > Logs > URL Filtering, and adding those new columns.
All three of these have their uses, I’m sure… Logging the referrer would be good if you are trying to find out what site directed your CEO’s workstation to that nasty virus, for example.
User-Agent, while often forged by bad actors, I think most legitimate apps are truthful. So, if you have a policy against certain type of apps on your network, this can help you find them.
I noticed that the popular IOS app FlipBoard uses this string:
Flipboard/3.0.1 CFNetwork/711.1.12 Darwin/14.0.0
Create Custom Application Signatures
I was able to use the User-Agent string I found above to create a simple Custom Application. To do so, I went to Objects > Applications and hit Add.
I filled in the basic stuff on the Configuration Tab, left the Advanced tab at defaults and added the real magic on the Signatures tab. I added a new signature here with a single condition. In that condition, I’m doing a pattern-match on the http-req-headers looking for “Flipboard/*”, the beginning of the User-Agent string. Then, I simply added it to a policy to block it.
I tested it a few minutes later, and while the Flipboard application appears to have cached what it had previously loaded, new content was denied by the Palo Alto.
Logging Files Downloaded or Uploaded
Whether you actually want to block any files or not, its a very good idea to create a simple File Blocking policy object strictly to log all the activity.
Go to Objects > Security Profiles > File Blocking and add a new policy. Call it Log All, and add a rule. For this rule, set Applications to any, File Types to Any, Direction to both (upload and download), and action to Alert. Next, add this policy to any policy where inbound or outbound traffic might happen. Commit the policy.
To see the results of your labor, go to Monitor > Logs > Data Filtering. In short order, you’ll start seeing all the major types of files that your users are uploading or downloading. Executables, PDFs, Microsoft documents, videos, sound files, etc. will all be shown. Now, it’s not keeping a copy of them, of course, only logging who uploaded or downloaded what type of file, and usually the filename as well.
Be careful though… The direction the file moved isn’t always obvious. The Direction column uses “server-to-client” and “client-to-server”, which sounds clear, but in practice it isn’t. My wife streams Pandora, which shows up as a “server-to-client” direction. The source is listed as the Pandora server address and the destination is my wife’s iMac. My machine had a file called “message.mp3″ that was “client-to-server”, with the source being my workstation and the destination being a remote server. After briefly going into a panic thinking my machine was recording an mp3 file occasionally and uploading it to a server, I discovered via a trace that the message.mp3 file was actually being downloaded by my machine when an event happened in iMessage.
Just logging the file transfers that are going on can be really eye-opening.
Until next time!
If you ever get an offer in the mail from ANY bank, whether it is for a bonus when opening a checking or savings account, or a bonus cash back offer from a credit card company, or any other kind of offer, do not simply apply for it and throw the offer away. Keep a copy of the offer until the bank has lived up to their end of the bargain. If you want to close the account after the conclusion of the offer, make sure there are no penalties for closing it within X months, etc.
In my experience, some banks are better as it relates to being clear about their offer than others.
Who, you ask? Chase Bank, for one. After getting an offer in the mail (a few times, actually), I went in and applied for a checking account. I left with a new account, along with a folder of documentation about the account. That folder included a piece of paper clearly explaining the promotional offer and how it would be handled, written in plain, simple language. And they fulfilled their end of the deal very quickly.
I heard this “keep all offers” advice from Clark Howard, a consumer advocate with a radio show. If memory serves me well, he said banks get amnesia as it relates to these promotions. If I had only heeded his words.
I guess I didn’t really stop to consider the possibility that the bank would go back on their offer.
After a couple of weeks of customer service promising to work with corporate to try to fulfill the original offer, they now tell me that the offer I applied for had ended about 2 weeks prior to me applying. That seems unlikely, as I am almost certain I applied the very day the offer arrived. Alas, I did not keep the mailing, so I can not prove it. I doubt that I’ll ever make that mistake again.
CradlePoint supports Radius authentication for management of their units. In looking through there documentation, there wasn’t much in the way of explanation on how to set up the radius server.
I was able to get in touch with their support personnel, and although they couldn’t tell me how to set up the Windows version of radius (IAS on 2003, NPS on 2008R2), they gave me a clue and I was able to come up with this…
Note that the screenshots shown below are for IAS, but the NPS settings should be similar, though it is organized a bit differently.
1. Create a new Remote Access Policy for CradlePoint Administrators. When done, the main settings page should similar to this. Note that I’ve added a NAS-Identifier of “cplogin” and I’m looking for a Windows-Group membership for the user that’s attempting to login. The CradlePoint MBR1400 uses a NAS-Identifier of “cplogin”, as do (I suspect) most CradlePoints that support Radius. The Windows Group is the group you want to have Admin access to the CradlePoints.
2. Hit the Edit Profile button. Go to the Authentication tab and make it match this:
5. Finally, restart the radius service.
Aside from that, you just need to point your CradlePoint to the IP of this radius server and set the shared secret to match.
CurrentC – So far, I haven’t found official details, but as I understand it, they require your name, social security number, drivers license number, and linked bank account details. They keep a history of your purchases, including medical (though offer a way to opt-out of that). It works by scanning a QR code with your phone, then allowing the merchant to scan your payment QR code. At some point, you enter your 4 digit PIN code. I’m not sure if the payment code is dynamic or static. The merchant can then perform a withdrawal directly from your linked bank account. Your data is stored securely in the cloud, not on your phone. (If the SSN, etc. requirements are wrong, please someone let me know)
ApplePay – Take a photo of your credit card to add it. It recognizes your card number, expiration date, etc. Once registered, your card number (and photo) isn’t even stored on your phone. A unique device account number is assigned, which is encrypted and stored in a dedicated chip in your phone. When you make a purchase, you validate the purchase with your fingerprint. The merchant gets your device account number along with a transaction specific dynamic security code. They don’t get your card number. In fact, they don’t even get your name. The charge goes against your credit card, just like if you paid via the mag-stripe card. You get the same protections afford using your card.
Perhaps it is secure, but CurrentC seems like a huge data breach disaster waiting to happen. Imagine all that data falling into the hands of the wrong person. Further, with your bank account details, a bad actor could conceivably drain your account, forcing you to fight your bank to get your own money back. If a data breach happened with ApplePay and your data was compromised, you still have the protection of the credit card in place.
Lastly, there are a log of big name retailers behind CurrentC. I can’t help but notice that one of those big names is Target. With the size of the data breach that happened at Target one year ago, I’m certain I don’t want them having direct access to my bank accounts.