I wish I knew! Since commercial banks are mostly tied to harmful investments you pretty much have to nix commercial banks because AFAIK there is no way to stipulate that your money must not facilitate those investments. That leaves CUs, most of which have eligibility restrictions and most outsource with reckless disregard. But if you use a credit union purely offline, that’s perhaps the best option. If you never login, then there’s a good chance Cloudflare does not see your financial info. So you’ll want paper statements. That means looking for a CU that does not have the paper statement fee. And you also need to scrap billpay, not just because that uses the MitM’d website but also because the billpay service is another giant centralised MitM who likely sells your data. That means either you’ll be writing paper checks and paying postage, or you’re going to arrange for payees to pull the money out (e.g. autopay from the credit card company). But having control is better, so pick a CU that includes free blank checks (which is becoming increasingly less common).
I also suggest getting a checking account /without/ interest. Because that crappy minuscule interest payment of 10¢/month triggers extra reporting and statements, and bookkeeping effort. It’s not worth it.
So, ideally:
free paper statements (funny how FIs advertise “free e-statements”, which was maybe only worthy of praise in the 1990s)
free checks (now they tend to just give you a paltry 3 or 4 blank checks when you open an account, not even a whole check book; but a thorough investigation may reveal a CU that gives a few whole checkbooks to start and periodic free refills)
no interest
In Germany there’s a bank that will e-mail you your statements so you don’t have to login. It’s the only bank in the world that’s customer oriented like that. They PGP encrypt the statements. Apart from that, banking is a sad state of affairs.
I have a script that resolves the hostname to an IP address, then it checks to see if the IP is tied to a Cloudflare ASN range. But there are many other ways to check:
there is a Firefox plugin called “Cloud Firewall” which can be configured to block Cloudflare sites
without any tools, you can hit F12 in FF or Chromium when visiting a website, and look at the headers. If there is a “CF-Ray” header, then it’s a Cloudflare site.
if you install Tor, then try to visit the website of the CU. If you are blocked or forced through a CAPTCHA, then you are likely on a Cloudflare website if you see “one more step”. It’s best to test with a browser other than tor browser configured to go over tor because those browsers get the worst treatment.
Who would you recommend?
I wish I knew! Since commercial banks are mostly tied to harmful investments you pretty much have to nix commercial banks because AFAIK there is no way to stipulate that your money must not facilitate those investments. That leaves CUs, most of which have eligibility restrictions and most outsource with reckless disregard. But if you use a credit union purely offline, that’s perhaps the best option. If you never login, then there’s a good chance Cloudflare does not see your financial info. So you’ll want paper statements. That means looking for a CU that does not have the paper statement fee. And you also need to scrap billpay, not just because that uses the MitM’d website but also because the billpay service is another giant centralised MitM who likely sells your data. That means either you’ll be writing paper checks and paying postage, or you’re going to arrange for payees to pull the money out (e.g. autopay from the credit card company). But having control is better, so pick a CU that includes free blank checks (which is becoming increasingly less common).
I also suggest getting a checking account /without/ interest. Because that crappy minuscule interest payment of 10¢/month triggers extra reporting and statements, and bookkeeping effort. It’s not worth it.
So, ideally:
In Germany there’s a bank that will e-mail you your statements so you don’t have to login. It’s the only bank in the world that’s customer oriented like that. They PGP encrypt the statements. Apart from that, banking is a sad state of affairs.
How do I evaluate a CU’s privacy in the manner you do?
I have a script that resolves the hostname to an IP address, then it checks to see if the IP is tied to a Cloudflare ASN range. But there are many other ways to check: