We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
First Direct & Card Readers
Options
Comments
-
[Deleted User] wrote:Secure Key/Card reader...
It is still something additional that is not required IMO.
Like most things, some people like them like dr and some people do not.
I just think they are unnecessary and just something else for me to misplace.
Unless I am missing something you will be able to have the secure key on your mobile. Do you frequently misplace your handset?Money is a wise mans religion0 -
I don't see any reason for leaving if your phone is iPhone or Android.
It's not - its balckberry and the 3G signal is so poor around here that I only really have the internet on my phone at home - don't have it at work etc, and spend a lot of time roaming with data switched off
So as far as I am concerned it is a reason for leaving!Weight loss challenge, lose 15lb in 6 weeks before Christmas.0 -
-
Unless I am missing something you will be able to have the secure key on your mobile. Do you frequently misplace your handset?
Not at all.
As I have posted, I would be much happier with the secure key on my mobile but being a Windows phone user the option is not available to me.0 -
Archi_Bald wrote: »That's ok for you. It is not for me since I still live a happy life without my mobile being with me at all times. Also, I just don't want any banking apps on my mobile.
I agree about not having banking apps on a mobile. Dodgy ground.
However a keygen is something entirely different.
> I still live a happy life without my mobile being with me at all times.
I'm not one who's tied to my phone, I've just chosen one that doesn't have a massive keyboard or screen and is small, slim and easier to keep on me than leave lying around.
Obviously, each to their own. For me and many others, what they are proposing is far more ubiquitous than keyfobs or card readers that others force upon you and expect you to carry - it seems relatively well thought out.
Not quite as universal as the Santander SMS code, but up there among the best compromises between security and convenience.0 -
It's not - its balckberry and the 3G signal is so poor around here that I only really have the internet on my phone at home - don't have it at work etc, and spend a lot of time roaming with data switched off
So as far as I am concerned it is a reason for leaving!
Thats terrible, I did not realise that people still bought Blackberries.:DThat gum you like is coming back in style.0 -
Are you aware that the android keygen app probably wouldn't require any data usage at all when you're abroad?0
-
Are you aware that the android keygen app probably wouldn't require any data usage at all when you're abroad?
I'd imagine that trying to keep everything secret inside an Android app would be a very poor security decision as it could be hacked to reveal how the whole process works.
So therefore I'd expect the app to require data connectivity to authenticate you.0 -
Easy decision. Say no. Other than losing the secure messaging facility you keep the facilities that FD has offered until recently anyway.
It'd be nice if they weren't lying and claiming that it's "to keep your money safe", though.
Nice buzzword use. Now tell me how requiring the authentication every time will not condition users to supply the authentication to every man in the middle variation going, whether it's a site that relays the authentication in near real time and mimics the real site but does additional transactions or OS or browser hosted variations. Training end users to always provide credentials that are really only needed for higher risk operations is poor practice because it means that every session is vulnerable to compromise, not just the ones where the user is doing something that requires more security.Google for "man in the browser"
This is something that the NatWest variation does better, only requiring extra credentials when they are actually needed, so alerting the end user if they are requested unexpectedly.
There is, hopefully, always the option for end users to not use the token-based authentication for most transactions, so they can compromise their sessions only when required.0 -
I'd imagine that trying to keep everything secret inside an Android app would be a very poor security decision as it could be hacked to reveal how the whole process works.
So therefore I'd expect the app to require data connectivity to authenticate you.
Not at all, a unique starting number is generated, and it changes every minute or so. The number it changes to is predictable, based on the previous value of the number.
To back up my view - google authenticator that they use for email doesn't require constant network access.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.9K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.9K Work, Benefits & Business
- 598.7K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards