Nationwide card reader now mandatory to login?

innovate

grumbler wrote: »

It's a pity.
However, AFAIK this is the the only reliable protection against sofisticated 'man in the browser' viruses.

EarthBoy wrote: »

That's where it's always been; it hasn't moved.

It must have moved, or some other change has taken place, because AccountUnity hasn't been able to login fully automatically for a couple of days now.

Fella

le_loup wrote: »

Do you now want to delete this post?

No, I stand by every word, it would have been moronic to remove the password option.

Good to see it's still there. It has moved, it used to be directly underneath where you enter the code. Now it's on the side which wasn't visible on my device screen.

izools

I can confirm that the layout of the login screen has changed.

There is a button to the right "Log in using memorable data" - not sure if this has always been there, as I used to use the link in the centre towards the top, which has now certainly been removed.

IMHO it does give the login process a cleaner look.

le_loup

It's where it's always been.

MoneyMate

ceecee1 wrote: »

I've just managed to log on by using my memorable data - no different than usual.

Same with me no change THANK GOD !!!:beer:

Hominu

grumbler wrote: »

AFAIK this is the the only reliable protection against sofisticated 'man in the browser' viruses.

Not true, MiTB attacks can still work - they can still produce phantom transactions once you have logged in and still change transactions as you issue them. It does however stop people using screenloggers and keyloggers from logging into your account from elsewhere.

mauriphonic

they've removed the option to click the 'memorable data' link just above where you completed the identification number, but it still works by using link at the RHS of the page. Threw me too for a while.

grumbler

Hominu wrote: »

Not true, MiTB attacks can still work - they can still produce phantom transactions once you have logged in and still change transactions as you issue them.

I am no expert, but the main point is that the confirmation code for a transaction is based on the details of the transaction, so the details cannot be changed, let alone 'phantom transactions'.

It does however stop people using screenloggers and keyloggers from logging into your account from elsewhere.

Again, I am no expert, but I am pretty sure that the card reader cannot protect from keyloggers and from "logging into your account from elsewhere". And why does it have to stop from logging from elsewhere?

EDIT: I see what you mean about logging in. You cannot log from anywhere without a card, so using keyloggers for getting the login details doesn't help.

EDIT 2: Being able to login without creating new transfers is not a big deal. I think this is the main reason for NW still allowing to bypass the new login in an old-fashioned way.

Fella

le_loup wrote: »

It's where it's always been.

Wrong.

It may always have been on the right of the screen where it is now TOO (I never saw it but I can't say it wasn't), but the fact is until very recently it was centrally placed and now it's not.

So it's NOT where it's always been.

LardyCake

Fella wrote: »

No, I stand by every word....

If you don't want to delete the post, how about at least changing the title?

Maybe to something like:
"I thought Nationwide had disabled memorable data login but that is not the case"

That way you will prevent people wasting their time logging in to their Nationwide accounts to check (or even phoning Nationwide) on a wild goose chase.

No doubt you will say the question mark is sufficient. I disagree.