Custom keyboard logging my personal info?

[XChrisX]

So yesterday I found out my bank account has been compromised, and now I'm trying to find the culprit! While it seems unlikely the custom Jellybean keyboard has been logging my personal info, is there any real possibility of it? I downloaded the one that was first featured here from "beansoft port", and really liked it the best. However after this incident, I have uninstalled it, and went back to the more popular and common "swiftkey3". I'm not saying with certainty this was it as I really have no clue, but I'm just trying to retrace my steps, and rethink everything. I've noticed when installing some of these third party keyboards the notification alert pops up notifying me that the keyboard could possibly log my personal info. I'm sure it is unlikely but after this most recent incident I'm just trying to cover all of my bases. Any suggestions here or am I overreacting? I really loved the Jellybean keyboard the best, and while I'm fine with Samsung customizing ICS to their liking. I really wish they wouldn't remove such important/basic functionality as the stock keyboard. Thanks in advance for the advice.

 

[Rev2010]

Sorry to hear about your bank account. As you already noted it's certainly a possibility but rather unlikely that is what caused it. I personally never ever log into my bank or credit card accounts from my phone. I don't even do it over wifi, only when connected via a cable, I just feel it's too easy to grab when being "beamed" through the air - yeah yeah I know... it's all encrypted but still. Unfortunately some people need to access their accounts over mobile due to the nature of their business, but if you don't absolutely need to then just access your accounts from your PC.

That aside, accounts can be broken into pretty easy. Skimming is quite common and one way to avoid it is to not use your bank debit card to pay for items in stores, restaurants, and bars. Credit cards are a far better option in those instances since you are better protected. Banks, if they return your money (sometimes they don't) can take several weeks to get your cash back in your account. And I've seen many times where they simply won't put your money back and expect you to take the loss. Sometimes there are also people on the inside stealing your account info. I had a Chase credit card (not a bank card) that got hit with fraudulent charges. I got a new card and was very careful with it and within a month the new card with a new number got hit again. I know another person who had the same thing with a Chase credit card. There's no doubt in my mind someone on the inside is selling numbers so I canceled my card and closed that account.

Rev.

 

[r3ddawn]

all keyboards can log personal data, which is why you should verify what you install... Swiftkey, Swype, etc... all have that set, including stock keyboards... Don't know what Jellybean keyboard your talking about or installed, but if you got it from a legit source, I doubt that was the cause for your issue..

 

[XChrisX]

all keyboards can log personal data, which is why you should verify what you install... Swiftkey, Swype, etc... all have that set, including stock keyboards... Don't know what Jellybean keyboard your talking about or installed, but if you got it from a legit source, I doubt that was the cause for your issue..

I doubt it was the keyboard but the warning that pops up upon installing or setting as default had me curious. The one I downloaded was from the play store so I assume it was from a reputable source. Again I'm not saying it was the keyboard for sure. I was just wondering if that was a possibility since the warning msg pops up upon installation. Thanks for the tips. Im back to swiftkey3 as it seems to be more reputable.

Sent from my SAMSUNG-SGH-I747 using Android Central Forums

 

[cgardnervt]

Anything is possible! If you got it from the Amazon app store or the Google Play Store then I am guessing your fine. I use Swiftkey my self. If I was you I would turn off all of your credit cards, routing numbers and have them changed.

 

[funkylogik]

all keyboards have the potential to log the data keyed into them, thats why u get the warning but even if they log it, theyd need a way to transmit that data for someone to use

 

[XChrisX]

all keyboards have the potential to log the data keyed into them, thats why u get the warning but even if they log it, theyd need a way to transmit that data for someone to use

Well my PIN wasn't used, they were able to get my number and use it that way. I haven't made any purchases through my phone, but I do frequently use my banks app on the Phone though. They were several smaller purchases in Europe so there's no way to know. Chances are it was someone locally that had access. Either way, my card was been canceled and a new one was issued. I was just exploring all possibilities here.

 

[Suntan]

Let's see... ...keyboard program on your phone, or that kid at Chilies that you handed your card to as he walked off to the other side of the restaurant to swipe it. Hmmm...

-Suntan

 

[XChrisX]

Let's see... ...keyboard program on your phone, or that kid at Chilies that you handed your card to as he walked off to the other side of the restaurant to swipe it. Hmmm...

-Suntan

Most likely agreed, it was just a little weird that all of the charges were in Europe while I'm in Texas. My CC# surely made it a long way across the pond!

 

[camiller]

There has been software around for years that can generate a chase (or other bank) credit card number with valid check digit. Current versions can even generate a valid CVV code as well. You don't have to have had your card physically compromised for the number to be out there.

 

[funkylogik]

Most likely agreed, it was just a little weird that all of the charges were in Europe while I'm in Texas. My CC# surely made it a long way across the pond!

people sell the details online mate. id say usin a card via ur phone is equaly as risky as usin it other ways. is the bank refunding it though?