Originally posted by AtW
View Post
-
Yup, unfortunately so... -
With PIN you are fecked basically - the main motivation for introducing it wasn't combat fraud, but to shift liability to the end user (you).Originally posted by fiisch View PostComment
-
According to the actual broadcast, the crims managed a 'divert' the phone back from the bank. A point they skipped over as if it were a 'normal' event. Having said that the drone on the phone ignored the warning from the speech recognition software that the caller was fake.Comment
-
Originally posted by DimPrawn View PostWhy don't phone banking services insist on customers using a two-factor authentication, which requires you to put in your debit card into a reader, enter a pin, and generate a secure code for every transaction. Any bank not using two factor authentication should be 100% liable for every fraud.
I bank with Nationwide and any transaction requires the use of this:
Banks starting to roll-out two-factor authentication in the form of one-time passcode texted to your mobile when doing online shopping.
Want to shop online? Best have a mobile signal - BBC News
One bank that has started sending passwords to mobiles is First Direct. It advised anyone having difficulties to get in touch with them.
"We do have alternative processes for customers who cannot use this method, and they may be required to call us to authenticate," a spokesperson said.
"I would call but if I had a mobile signal I'd have received the passcode in the first place"
How many people live somewhere with internet (to do the online shopping) but no mobile signal?
Maybe tomorrow, I'll want to settle down. Until tomorrow, I'll just keep moving on.Comment
-
Or such slow broadband that the code has timed out by the time it had uploaded, and no mobile signalComment
-
I've used the Authy app for two-factor authentication on some sites so not sure why such an approach can't be used for banking as it works offline afaik, similar to those banking devices pictured up thread.
Texting and phone calls is so last decade. Get with the times banking IT people.
Maybe tomorrow, I'll want to settle down. Until tomorrow, I'll just keep moving on.Comment
-
Originally posted by DimPrawn View PostWhy don't phone banking services insist on customers using a two-factor authentication, which requires you to put in your debit card into a reader, enter a pin, and generate a secure code for every transaction. Any bank not using two factor authentication should be 100% liable for every fraud.
I bank with Nationwide and any transaction requires the use of this:
Happen to use them too. Pain in the bum when you've lost the card reader though."Never argue with stupid people, they will drag you down to their level and beat you with experience". Mark TwainComment
-
That's not true. If you paid someone before you don't have to use it (up to a certain amount I hope) so far I could transfer several 100s of pounds using my mobile app without using the security code thingyOriginally posted by DimPrawn View PostWhy don't phone banking services insist on customers using a two-factor authentication, which requires you to put in your debit card into a reader, enter a pin, and generate a secure code for every transaction. Any bank not using two factor authentication should be 100% liable for every fraud.
I bank with Nationwide and any transaction requires the use of this:
Comment
-
They call people up and ask then to read out the numbers from the reader.
No matter how much you try to engineer a secure system the people using it have a reasonable chance of being morons.Comment
-
If only this country had a security service that can identify creeps who abuse phone lines and then send a physical pursvuasion unit to deal with them...Comment
Comment