Jump to content

On line banking, becoming too secure?


Chancer
 Share

Recommended Posts

I have just been deregistered for on line banking with Nationwide because I was too lazy to get up for my bank card and card reader, I used the same number and memorable word that I have used since I set the account up 10 years ago, I am 100% certain, after the first refusal I tried again thinking I had mistyped, it then deregistered me saying that I had made 3 unsucessfull attempts, I made 2, I am 100000% sure of that!

Now it wants not only a memorable place, but a memorable name and a memorable date, it wont allow my birthday and I just dont have any others that include the year, I know my late mothers birthday (its memorable in its own way) but have forgotten my late fathers birthday and when we were brought up we were not allowed to know how old our parents were.

So I have chosen a place that I can remember, the same one that it didnt like today, a memorable name I probably wont recall and a memorable date that I am certain to forget, they will now send to my UK address a new internet banking number which and access number neither of which will I ever remember without writing down plus I will need to recall and spell correctly 3 other (not) memorable things.

I did well to remembering correctly an access code and number for 10 years its going to be damned hard from now on. They have increased their security with the cardreader whilst making us carry around yet more junk why do they have to create all these extra levels of security?

My other bugbear, sites that want a password/code that has to be 8 digits long with numbers and letters meaning I cant use the code I have been using all these years, yes I know I should have a different one for all of them but how many can a man remember in his twilight years?

Verified for Visa is a real pain, I have lost count of the times it has done the above to me, the problem is it wont accept a password that I have already used, its kicked me out so many times that I cannot think of a new one it hasnt already had!!!

I am beginning to warm to the French system that sends you an SMS, now that I finally have a mobile thanks to Free.fr it works well but what if I want to pay a bill or use my card to buy something on line while I am in the UK or overseas?

Link to comment
Share on other sites

AARGHH!!!

What happens next?

  • You’ll receive a letter in the post within 3-5 days containing your customer number and secure passnumber.
  • For your security, log in as soon as you receive your details.
  • If you have a Visa debit card, you’ll also receive a Card Reader which you’ll need to carry out certain transactions online.

Does that mean that I wont be able to use the cardreader that I have and will have to have this one sent over?

This kind of junk must be costing them a fortune.

Link to comment
Share on other sites

I've stopped shopping with any on line shop that has verified by visa , i've run out of memorable passwords, I was wondering if I was the only one as it can't do the business any good. And don't even get started on my BNP Paribas card where 9 times out of 10 I can't order anything online. Its driving me nuts :-)
Link to comment
Share on other sites

Can you use your Free.fr mobile in the UK? If you can, the sms comes through same as if you were in France.

Verified for Visa, yep, I'm running out of new passwords as well.

All these passwords and not allowed to write any down, they must seriously think people have nothing else to put in their brains.

Years ago I banked with Santander, that beautiful relationship ended when they locked me out of my online account, and when I phoned up, the security question was: list 2 recent transactions on your account. Well that's exactly what I'm trying to log in to find out, isn't it, and I don't know yet cos you won't let me log in...They never did let me log in.

Login to my UK online banking: type 2 words, then wait for a new screen, then 9 mouse clicks. Login to French online banking: type 1 character plus total of 6 mouse clicks, all on same screen - and feels more secure.
Link to comment
Share on other sites

We had our french card reader first, but not to get onto the account,which remains the same as always, just to use to make some transactions and then I get it wrong sometimes.

Then the UK ones came and I had arguments with them as the phone banking has another different password, which I have just realised I no longer know. And the reason I call the phone banking is because the other system is playing up.

 

I really do not know what they need to do. The worst bank we have in the UK is the Yorkshire Bank with what I deem excessive questions, but they will say that it is just to have a secure account!

 

And I agree I am running out of memorable things to use and more importantly remember.

 

Link to comment
Share on other sites

Maybe they would make a spoof film where J bond or B willis is about to save the world by actually paying the ransom and it all goes pear shaped cos of the pass words [:D]

The thing is they actually need the levels of security because so much fraud goes on, Remember J Clarkson taking the P out of the system, gave out account No and sort code, within a few mins his account was hacked and an amount gifted to charity.

http://www.theregister.co.uk/2008/01/07/clarkson_bank_prank_backfires/

Link to comment
Share on other sites

A little gizmo that you are now obliged to carry with you if you want to access your account on line, you put your bank card into it, press a confusing sequence of numbers, enter your pincode, follow some more prompts and eventually it shows a convoluted series of numbers which and I quote "you must enter exactly as they appear on the screen".

I forgot to add that you must also carry your glasses to be able to read the damned thing and if you enter the sequence exactly as it appears 6735 0624 it wont accept it, try one more time and you get the online banking cancelled once again for failing three times, Nationwide and I doubt they are alone here, do not realise that two attempts is not three attempts and that to copy a sequence of numbers exactly to most intelligent people would include the space between the two groups.

I love the idea of the James bond spoof, they missed that idea when they filmed Johnny English.

A friend gave me a good tip for memorising a long password with numbers or letters, use a registration number of a memorable car that you have owned, we guys at least seem to remember them, 4 letters and 3 numbers unless you had a personalised or pre 63 reg, you can also write down "Austin Allegro" [6] in some security.

I have access to a list with all my accounts and passwords written in a cryptic manner, not safe but essential I am afraid, the problem is whilst the cryptic descriptions and cluse make sense at the time later on when i need them I think "what muppet thought this up?" I am not very good at crosswords!

Forums are just as bad!!!!!

Link to comment
Share on other sites

[:)]

It is my understanding, Chancer, that the main security problem for your passwords etc is on line, not at home.  In other words if you keep a list of the passwords/numbers and change them on a regular basis and keep them as obscure as possible, this is far safer than using stuff that a hacker could figure out from info' he could glean from other stuff stored on line, but which you find easy to remember.  The chances of somebody breaking in, searching for the place where you store your password into', nicking your computer and getting your info' that way are very limited in comparison.  Thus, I must admit that nowadays I tend to write my passwords down and make them a lot more random than I used to.  I can't imagine the average burler finding where I've put them either, I think they'd be far more interested in nicking the telly and the laptop!

Link to comment
Share on other sites

When I'm going away I write the passwords in my diary (oops, I guess that now all the members of this forum will be trying to nick my bags whilst I'm on my travels) and change them when I get home. 

Remembering the location of one piece of paper is far easier than 20 different passwords (which is what it amounts to these days since nearly every different institution/mail server/bank/online shop etc - seems to want one[:-))]).

Link to comment
Share on other sites

Clarkson's account wasn't actually hacked as such - in that no one gained access to his online banking. I think what actually happened was that somebody just filled in a Direct Debit form for the charity (possibly on their web site so that there would be no need for a signature) and put his bank details on it.

 

I agree that banks are becoming a bit "too secure" - a lot of it is paranoia winning the battle against common sense. Nationwide bringing in the card reader was one of the reasons I switched away from them (the other was the removal of free card usage abroad). I used to be able check my account online at the drop of a hat wherever I was in the world - it was just too much of a pain to have to carry the card reader all the time just in case I needed it.

Link to comment
Share on other sites

[quote user="scragend"]Clarkson's account wasn't actually hacked as such - in that no one gained access to his online banking. I think what actually happened was that somebody just filled in a Direct Debit form for the charity (possibly on their web site so that there would be no need for a signature) and put his bank details on it.[/quote]

Interesting comment.  I think there's something odd about the Clarkson story.  I don't have any recent experience of direct debits in the UK, but if money was taken without some kind of authority from Clarkson himself, he should have been able to get it back from the bank.  I wonder whether he tried?

There are several countries (e.g. Germany, Holland, Belgium, Luxembourg) where people cheerfully disclose their bank account details, on letterheadings and invoices for example, as a normal way of getting paid.  I lived under that system for twelve years and I never heard of any problem.

By the way, Clarkson would have been able to get his money back in France – something that the banks don't always tell you.  

Link to comment
Share on other sites

[quote user="Chancer"]

My other bugbear, sites that want a password/code that has to be 8 digits long with numbers and letters meaning I cant use the code I have been using all these years, yes I know I should have a different one for all of them but how many can a man remember in his twilight years?

[/quote]

 

I know what you mean Chancer.  A quick tally:

4 bank/credit cards - all requiring a PIN, all different and none can be changed by me. (4) One of these also gives a second PIN to verify who I am if I need to ring customer services. (5)  All require a user name and password to access the accounts on line (9) and one will ask a security question based on 3 answers I have supplied (12).

Mobile phone PIN (13)

My computer (work based) user name and password (which is updated every 2 months and you cannot use the same or similar for at leats 5 changes) (19) plus a security number to be given in case of use away from the network (20).

 

Then there are websites that I visit (including this one).  Some will accept your email address as user - but mine has changed 4 times in a decade - so which one was it in 2005?   Others want something else or even tell you a numeric user name that cannot be changed.  All require a password.

So that includes a number of Fora, 5 airlines, 2 railway companies, cheap booking companies, autoroute company, pensions data, links to customer websites, Amazon, Play etc - 37 sites = 74 more sets of data to remember

 

So running total is 94 usernames, PINs and passwords to remember. 

 

No wonder I cannot remember what the wife said to me 2 minutes ago.  There is no more room in my brain unless I throw somethng out!!!!

Link to comment
Share on other sites

My Halifax bank account and my CA one seem fairly secure, with 2 lots of passwords, which is all to the good.

All our passwords are listed in files on our computers, and any which really need to be private are password protected. I do sometimes forget the passwords for them. No problem if OH is around, but what will happen if our memories deteriorate I don't know! Actually, I don't really have dozens of passwords; those for the forums I'm on are the same, or simple variations of the same. I don't go in for having any with squiggles etc and random numbers - they all mean something to me.

Link to comment
Share on other sites

A friend of mine swears by using his Military service number as a password, he reckons he can never ever forget it and that I do believe because I can certainly remember mine, I even remember my father's, how sad is that ?

I think it is impossible to crack the MOD system and get a live persons service number so it seems a safe bet. It obviously would never need to be written down.

I may give it a try myself.
Link to comment
Share on other sites

I've got steam coming out of my ears over my nationwide card reader -

 I have been trying to transfer money from my nationwide account  to my husbands account with another bank - and of course I now  have to use a card reader -

SO  the scenario is as Chancer describes - including putting glasses and bright light on to see  - and everytime I get  the message

My card reader details have been entered incorrectly - Please try again     grrrrh   -

 I must have tried  50 times   !!!   I found 4 card readers - tried different banks - different amounts - grrrhh  ..  

Of course there is no advice as to what to do --   no e-mail number to contact for help - no phone number - grrrrh -  

I will have to go into a branch and ask for help .

I think I may have to change my bank if this sort of carry on continues .

Link to comment
Share on other sites

A couple of tips Cluzo which I would have thought that they would have shared with us by now [:@]

When you enter the amount for say £150.00 you must enter 15000 or you will get the error message, at the very end of course so you wont know what you have done wrong, think of it as entering the amount in pence, if you get out a very large magnifying glass you will see that after entering 15, when you press the next 0 a microscopic decimal place will have appeared as in £15.0, tap in one more zero and it will display £150.00 but not to the naked eye of course [:@]

next hurdle I touched on before, when the reader generates a code you are told to enter the code on the website exactly as it is show, - WRONG!!! [:@]

It will show for instance 4875 2390, you must enter 48752390 without the space or it will again be refused!

Usually Nationwide are excellent with customer relations but like most companies it falls to pieces when the 16 year old introverted spotty geek in the IT department is expected to share the same values.

Link to comment
Share on other sites

One of the earlier posts refers to passwords

A scam that was nearly played on me was a guy emailing saying he had the same surname ( not Brown ) and wanted to do his family tree

Could I give him the details of my family?

He would have got dates of birth, childrens names, grandkids names, mother's maiden names etc, etc

All of which we might use as passwords

Turned out to be a guy from Nigeria sitting at his PC trying his luck

John

Link to comment
Share on other sites

It sounds as if Crédit Agricole isn't secure enough!

There is an number to type in and another to tap in on an online keyboard to access the account.

On the other hand for online purchases  sometimes I have to verify by means of a code sent by SMS, but not for all retailers.

Link to comment
Share on other sites

Yes I too am with them, the texto system seems to work quite well but would have been no use before I got my Free mobile, which isnt by the way, its cost me a whole 78cts this year [:P]

I bought from amazon.fr yesterday with the card and there was no verification, none either to pay the EDF.

On the other hand they cut me off after one failed attempt, again they siad it was 3 although a phonecall without any verification of my identity was all it took for them to send me a new password by texto [:-))]

Link to comment
Share on other sites

[quote user="NormanH"]It sounds as if Crédit Agricole isn't secure enough!

There is an number to type in and another to tap in on an online keyboard to access the account.

On the other hand for online purchases  sometimes I have to verify by means of a code sent by SMS, but not for all retailers.

[/quote]

Norman,

My understanding with CA is that clicking on an ever changing on-screen keypad cannot be hacked because its six mouse clicks, not entering or keying numbers, on a secure site and the theshold value amount that triggers a SMS message being required changes daily

I guess that's right because some transactions I've done of the same value have and then have not prompted a SMS (adding cases with XXXXair )

ps Don't ever try changing your mobile number with CA, its murder
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...