So without trusting them, what dangers would be considerable?
- Get a copy of your login-credentials?
You are safe with certificate based authentication at login.
- “Hijack” your login-session?
No severe harm can be made with certificate based signing of risky operations like moving of funds.
- Observe your personal data?
Possible.