We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Password Tools - Invalidate Banks T's and C's

Red_Ant
Red_Ant Posts: 75 Forumite
in Savings & investments
I notice with the new Barclays T's and C's you invalidate your fraud protection if you use one of those aggregation tools - I assume they mean something like Lovemoney.com. I wonder if there is a risk they will extend this to include tools that manage passwords and offer an online storage facility for them - even if you don't use it. Has anyone tested this with the Banks ?
«134567

Comments

  • nzseries1
    nzseries1 Posts: 2,240 Forumite
    I guess it depends what exactly they say in the terms and conditions - hopefully it's more specific than "if you use one of those aggregation tools".

    I bet though that it certainly does extend to the use of any tool at all to manage passwords. Although I'm not sure what you mean by "even if you don't use it" - they can't get you for something you don't use?
    You're spelling is effecting me so much. Im trying not to be phased by it but your all making me loose my mind on mass!! My head is loosing it's hair. I'm going to take myself off the electoral role like I should of done ages ago and move to the Caribean. I already brought my plane ticket, all be it a refundable 1.
  • Sparky47
    Sparky47 Posts: 314 Forumite
    Red_Ant wrote: »
    I notice with the new Barclays T's and C's you invalidate your fraud protection if you use one of those aggregation tools - I assume they mean something like Lovemoney.com. I wonder if there is a risk they will extend this to include tools that manage passwords and offer an online storage facility for them - even if you don't use it. Has anyone tested this with the Banks ?

    You don't need to use a password with Barclays online banking because they use a card reader to login.
  • Biggles
    Biggles Posts: 8,209 Forumite
    1,000 Posts Combo Breaker
    Sparky47 wrote: »
    You don't need to use a password with Barclays online banking because they use a card reader to login.
    A card reader is one option, I log in with just a passcode and memorable word.
  • savetilibleed
    savetilibleed Posts: 1,363 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    I questioned Coventry BS about KeePass, I put their response HERE.
  • withnell
    withnell Posts: 1,629 Forumite
    Sparky47 wrote: »
    You don't need to use a password with Barclays online banking because they use a card reader to login.

    Its based on a standard algorithm, with Egg Money Manager if you give them the card number and security code they can log in for you
  • Sparky47
    Sparky47 Posts: 314 Forumite
    Biggles wrote: »
    A card reader is one option, I log in with just a passcode and memorable word.

    You need a card reader to add a new payee and once the card reader is activated on your account, you need it to login every time.
    I certainly don't get the option to login with a passcode any more.
  • Red_Ant
    Red_Ant Posts: 75 Forumite
    nzseries1 wrote: »
    I guess it depends what exactly they say in the terms and conditions - hopefully it's more specific than "if you use one of those aggregation tools".

    I bet though that it certainly does extend to the use of any tool at all to manage passwords. Although I'm not sure what you mean by "even if you don't use it" - they can't get you for something you don't use?

    I meant that you may use a product that has a facility to store passwords online as well as locally, but only use it for local password storage.

    I had a promotional email for the Egg Money Manager, with the line "It's safe, secure and covered by the Egg guarantee" - but that's no consolation if your money is held elsewhere.

    Given people have to shop around so much to get decent rates these days, the demand for "simple to manage" online accounts will increase. If we accept these aggregation products will never be accepted by the Banks' Security Policies, then at least people will look at online accounts that are reasonable practical - e.g. that don't need a card reader to do a simple daily check on a balance, or to make a simple repeated payment to an established recipient.
  • masonic
    masonic Posts: 27,912 Forumite
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    edited 14 April 2010 at 8:33PM
    Red_Ant wrote: »
    I meant that you may use a product that has a facility to store passwords online as well as locally, but only use it for local password storage.
    If you intentionally give your bank card and PIN to someone else and all of a sudden your money starts disappearing, the bank might not cover your losses.

    Similarly, if you intentionally give your online banking details to some third party software and all of a sudden your money starts disappearing, the bank might not cover your losses.

    Bottom line is, the bank doesn't trust everything you trust. For this reason, the absolute minimum you should expect of password managing software is plausible deniability.
  • blueberrypie
    blueberrypie Posts: 2,402 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker Name Dropper
    masonic wrote: »
    If you intentionally give your bank card and PIN to someone else and all of a sudden your money starts disappearing, the bank might not cover your losses.

    Similarly, if you intentionally give your online banking details to some third party software and all of a sudden your money starts disappearing, the bank might not cover your losses.

    The main account aggregators (Egg and FD) are based on Account Unity, and all three work in the same way: your on-line banking details never leave your computer. They are stored in an encrypted form in a file held locally (or on a removable drive if you choose that option) - they are never provided to the aggregator.
  • masonic
    masonic Posts: 27,912 Forumite
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    edited 14 April 2010 at 11:58PM
    blueberrypie wrote: »
    The main account aggregators (Egg and FD) are based on Account Unity, and all three work in the same way: your on-line banking details never leave your computer. They are stored in an encrypted form in a file held locally (or on a removable drive if you choose that option) - they are never provided to the aggregator.
    It is somewhat irrelevant what you believe about the aggregator. It is not an open source product, so it is not possible to verify what it does or what it does not do, and even if the source code was available it would be next to impossible to say with certainty that it was written perfectly, with no flaws that could be exploited or hidden back doors that could expose your data. You might choose to trust it. However, the bank may not. If you provide login details to a product that is not endorsed by the bank, then they are going to look at it no differently than you posting those details here on this forum. Your best way out in the event you fall victim to some sort of electronic fraud is to hope they never find out you used the aggregator.

    Consider this hypothetical situation...

    You use Egg Money Manager. Your bank prohibits the use of any account aggregation software in their T&Cs. Some money disappears from your account. Your bank learns that you have shared your login credentials with the Egg Money Manager software, thereby contravening it's T&Cs. Your bank claims you have intentionally entered your login details into a piece of software that is not controlled by them and it is probable they have been compromised as a result (for example, a flaw in Egg Money Manager exposed your details). Egg insist that their software is secure and there is no way the loss has any connection to them. How do you get your money refunded?
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 352.1K Banking & Borrowing
  • 253.6K Reduce Debt & Boost Income
  • 454.2K Spending & Discounts
  • 245.1K Work, Benefits & Business
  • 600.8K Mortgages, Homes & Bills
  • 177.5K Life & Family
  • 258.9K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture