How to Build A Bank Account Firewall

Many years ago, if you wanted to send money to someone online, you used PayPal. It was the only game in town.

So, many years ago, if you wanted to hack a system to steal money online, you tried to hack into someone’s PayPal account.

Today, you have a lot of ways to send money between friends. There are PayPal-like competitors, like Venmo and Cash App, but bank-based transfer methods too, like Zelle.

I’m pretty savvy when it comes to phishing emails, which are those emails that trick you into logging into a fake site with your real credentials, but I try to set up systems as a backup to my vigilance (for example, I use a secret email address just for sensitive accounts). But no one is 100%.

Today, I want to share a straightforward concept you can use to protect yourself – it’s called a Firewall Bank Account.

Table of Contents
  1. What is a Firewall Bank Account?
  2. It Protects Against Accidents Too
  3. Keep Your “Spoke” Accounts Ignorant
  4. How to Set This Up Yourself

What is a Firewall Bank Account?

In IT, a firewall is a system that monitors incoming network traffic for nefarious activity. In construction, a firewall is a wall that inhibits or prevents the spread of a fire. Without one, bad actors get free rein once they break in.

In our case, a firewall prevents the spread of a financial breach.

A Firewall Bank Account is an account that sits between your primary bank account and any potentially insecure accounts.

Take a look at my financial map:

[Image: financial network money map]
This map is quite old but still illustrates our points so I’ve kept using it for examples.

PayPal is connected to a Capital One 360 account, which is connected to my Ally account. My Ally Bank account is my main checking account while the Capital One 360 account is my firewall bank account.

(The arrows indicate who can initiate a transfer, so my Ally account can transfer to and from Capital One 360, but my Capital One 360 account can’t initiate anything with my Ally account.)

Specifically, it goes to a checking account at Capital One and that checking account is routinely swept so it contains just $1.

My Capital One 360 account is my firewall.

If someone gets access to my PayPal account, they can only transfer funds from a Capital One 360 account. Nowhere else. Since that account only has a dollar in it, any request above $1 will fail.

Why Capital One? You can use any bank account but I use them because they made it easy to create sub-accounts. It takes only a few minutes to open (and close) sub-accounts with their own separate account number. At the time I opened the account (back when it was ING Direct), they were the only ones to offer this but now many banks do. You can use any account as a firewall.

It Protects Against Accidents Too

Just like how a firewall in your house protects against accidental fires, financial firewalls protect against accidental transfers too.

Let me share this Reddit thread that started on April 16th, 2020:


The gist is that u/thaipedo had $7,000 withdrawn from his account by the IRS, except he didn’t owe the IRS anything. He was due a refund!

It’s not clear what happened but it looks like there was an error and he can’t get someone on the phone because the IRS has a massive backlog! He will get his money back eventually but who can stand losing $7,000 and still be OK?

People make mistakes all the time and a firewall would’ve prevented this too.

Keep Your “Spoke” Accounts Ignorant

If my Ally Bank account is the hub, the other bank accounts (like Capital One) are spokes.

My Ally Bank account can initiate transfers to and from my spoke accounts, but my spoke accounts can’t do the reverse. They don’t even know about the Ally account.

For example, if you were to get login access to our Bank of America account, you would not be able to transfer money to or from another account. It has no idea we have accounts anywhere else and that’s by design.

Ignorance is bliss!

🤔 This does make things a little cumbersome when we have to transfer funds because everything has to be initiated in one account (Ally). It also means spokes can’t transfer funds to each other, but this is unnecessary so it’s never a problem for us.

How to Set This Up Yourself

You can do this as part of drawing your financial map. As you log into each of your accounts, keep track of who can initiate activity and in which direction. Then start deleting the things you don’t want and adding the things you do.

You will want:

  • Primary Bank Account, hub: This holds most of your free cash. It should have connections to all other accounts.
  • Secondary Bank Account(s), spokes: These hold the minimum you need for whatever purpose they serve. They should have no connections to other accounts.
  • Firewall Bank Account: This should be a secondary bank account that holds the minimum and links to non-bank institutions.

While you’re at it, spoke accounts need a reason to exist. If they don’t, close them. Oh, and set up a secure email address for the account.
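The mapping exercise above can be checked mechanically. The following is an added example, not code from the original post: it models the map as accounts with directed initiation links, computes what a compromised login can reach, and flags departures from the hub, spoke and firewall rules. All balances other than the $1 firewall balance are constructed sample values, and the function names are hypothetical.

```python
# Added example: audit a "financial map" against the hub / spoke / firewall rules.
# Balances are constructed sample values; only the $1 firewall balance is from the article.
from dataclasses import dataclass, field

@dataclass
class Account:
    role: str                      # "hub", "spoke", "firewall" or "external"
    balance: float
    can_initiate_with: set = field(default_factory=set)  # accounts it may push to / pull from

def exposure(accounts, compromised):
    """Funds at risk if `compromised` is taken over: its own balance (a conservative
    assumption) plus every account it may pull from. A link grants transfers, not a
    login to the linked account, so only one hop counts."""
    acct = accounts[compromised]
    return acct.balance + sum(accounts[n].balance for n in acct.can_initiate_with)

def audit(accounts, firewall_max=1.0):
    """Return a list of the ways the map departs from the article's layout."""
    findings = []
    for name, acct in accounts.items():
        targets = {t: accounts[t].role for t in acct.can_initiate_with}
        if acct.role in ("spoke", "firewall") and targets:
            findings.append(f"{name}: {acct.role} can initiate transfers with {sorted(targets)}")
        if acct.role == "external":
            bad = sorted(t for t, r in targets.items() if r != "firewall")
            if bad:
                findings.append(f"{name}: external service linked to non-firewall {bad}")
        if acct.role == "firewall" and acct.balance > firewall_max:
            findings.append(f"{name}: firewall holds {acct.balance:.2f}, above {firewall_max:.2f}")
    return findings

def sample_map(paypal_target):
    """Constructed map; `paypal_target` is the bank account PayPal is linked to."""
    return {
        "Ally": Account("hub", 12000.0, {"Capital One 360", "Bank of America"}),
        "Capital One 360": Account("firewall", 1.0),
        "Bank of America": Account("spoke", 500.0),
        "PayPal": Account("external", 0.0, {paypal_target}),
    }

if __name__ == "__main__":
    # Compare PayPal linked straight to the hub with PayPal linked to the firewall.
    for target in ("Ally", "Capital One 360"):
        m = sample_map(target)
        print(f"PayPal -> {target}: exposure {exposure(m, 'PayPal'):.2f}, findings {audit(m)}")
```

The hub's own exposure is the sum of everything it links to, which is why the hub login is the one to protect with the secure email address.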

Simplifying your financial life is very liberating.

About Jim Wang

Jim Wang is a forty-something father of four who is a frequent contributor to Forbes and Vanguard's Blog. He has also been fortunate to have appeared in the New York Times, Baltimore Sun, Entrepreneur, and Marketplace Money.

Jim has a B.S. in Computer Science and Economics from Carnegie Mellon University, an M.S. in Information Technology - Software Engineering from Carnegie Mellon University, as well as a Masters in Business Administration from Johns Hopkins University. His approach to personal finance is that of an engineer, breaking down complex subjects into bite-sized easily understood concepts that you can use in your daily life.

Opinions expressed here are the author's alone, not those of any bank or financial institution. This content has not been reviewed, approved or otherwise endorsed by any of these entities.

44 Comments

Very smart. What do you think of identity theft monitoring and insurance services? I currently subscribe to one of them, but with insurance you never really know until you actually make a claim; hopefully I never have to!

Brent
6 years ago

You have lost me on this one.
If all income and all bills are being paid from the Ally bank, where does the Cap One acct come into play?

6 years ago

Yes, we use about the same strategy for our bank accounts and also credit cards.

These hackers are not joking these days so we gotta protect ourselves as much as we can.

6 years ago

I never thought of a “firewall” account as a buffer, but that is a great idea. Are you concerned about the security systems of other banks, or just the PayPal account?

George
6 years ago

I understand your concept, but if the firewall account (Capital One) doesn’t connect to your hub account (Ally), how does money get into and out of the firewall account?

Josh
6 years ago
Reply to  Jim Wang

Why not just have multiple checking accounts open at Ally instead of involving a second bank? If the goal is to add a second banking institution to provide an extra level of security, I’d think it would make more sense to have the Capital One account in your diagram be the account that pays your credit cards and funds your investment accounts. In other words, Ally –> Capital One –> Everything.

Greg
6 years ago

Where does the Bank of America account that you mention fit in to this? It’s not shown in your diagram.

Josh
6 years ago

If I understand this right, the Capital One 360 in your map is actually 2 accounts (an account with a sub-account). The Capital One 360 sub-account is the firewall. The Capital One 360 main account is the link between the firewall account and your main hub at Ally. Is that correct? Does the sub-account have the ability to draw from the Capital One main account or does the main account initiate transfers? I have an old ING/now Capital One account but have never used the sub-account feature. I like the idea of a firewall account for everything. Did you (or…

6 years ago

Useful. I don’t currently connect PayPal or any online payment service to my bank account, but if I did, I would definitely use this approach.

Always a good idea to isolate online activity from primary bank accounts. We use a similar approach in our credit cards, keeping a separate card for online transactions from the one we use for recurring monthly charges.

Raghu
5 years ago
Reply to  Jim Wang

Even my PayPal isn’t connected to my bank account but one of my credit cards (CC) is. If I am using PayPal for an online shopping transaction my CC is charged. However I use Zelle to transfer money to folks and that is tied to one of my main bank accounts (BK1). In this case do you suggest I need to get rid of the BK1 and instead link another bank account (BK2) that would act as a firewall account? If so, would BK2 have $1 and do I need to fund BK2 from BK1 every time I need to…

6 years ago

This is brilliant! I had to read it over twice because I didn’t want to ask any stupid question haha but I think I got it. My husband is a big security freak and I think he would enjoy setting this up for fun (because this is fun for him oddly enough) so I’ll forward this. Thanks Jim!!!

LK
6 years ago

After reading the comments and staring at the map, I am still confused. The arrow directions make it look like you only use PayPal to receive money. Do you not use it to spend (eBay, online purchases, etc)? If you do use it to spend, then I’m confused as to where it pulls the money from. It seems like it should pull money from the Cap 1 sub-account, correct? But does that mean that for every transaction, you need to transfer money from Ally into the Cap1 primary account, and then transfer from Cap1 primary to the sub-account? That would…
