[otalp]

I think the intention is that someone with malicious code placed in the users device still won't be able to access bank details