Is it safe to log in to my bank on public WiFi?
It carries more risk than a secure private connection, but is generally safe if you connect to the bank's official app or HTTPS website — the main danger is connecting to a fake hotspot.
Last reviewed: 1 June 2026
Explanation
Public WiFi security risks have diminished significantly with the universal adoption of HTTPS encryption, which protects the content of your communications regardless of the network. The greater risk on public WiFi is a 'evil twin' hotspot: a fraudulent access point mimicking a genuine one (such as 'CoffeeShop_Free_WiFi') that intercepts traffic and may serve fake website pages. To stay safe, confirm the hotspot name with the venue before connecting, prefer using your mobile data network for banking, and never access banking on a network you did not verify. Enable your phone's automatic HTTPS-upgrade setting and consider using a VPN on public networks. Never ignore certificate warnings in your browser — they can indicate you are being intercepted.
Common red flags
- Hotspot name is generic and you cannot verify it with the venue
- Your browser shows a certificate warning on a banking site
- You are prompted to install a certificate to use the network
- Banking app behaves unusually or asks for additional unusual confirmations
What to do now
- Verify the hotspot name with venue staff before connecting
- Use mobile data for banking when in doubt about a WiFi network
- Never proceed past certificate warnings on banking websites
- Log out of banking sessions when finished and avoid saving passwords in browsers
Frequently asked questions
Does a VPN make public WiFi banking completely safe?
A VPN adds a meaningful layer of protection by encrypting your traffic through a private tunnel, but it does not protect you from all threats, including malware already on your device.