📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Secure key comes to First Direct

1235712

Comments

  • Doshwaster
    Doshwaster Posts: 6,306 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    roxy28 wrote: »
    Have HSBC used this secure key for a while?. if so i wonder if there have been many complaints about security, money going amiss etc.

    I've had the Secure Key for about 2 years now. I found it annoying to begin with but I have got used to it. It's small enough to fit into my wallet.

    When I want to do a quick balance check I find the HSBC smartphone app to be sufficient. That doesn't use the Secure Key but the functionality is limited to getting a balance and recent transactions.
  • roxy28
    roxy28 Posts: 670 Forumite
    Ninth Anniversary
    jamesd wrote: »
    I probably won't go with it but it's not necessarily a bad thing. If you do go with it, just remember to never use it to log in unless you intend to do one of the things that requires it.

    Ok.... i just thought if you order one you are forced to use it for every login.
    :T
  • roxy28
    roxy28 Posts: 670 Forumite
    Ninth Anniversary
    Doshwaster wrote: »
    I've had the Secure Key for about 2 years now. I found it annoying to begin with but I have got used to it. It's small enough to fit into my wallet

    So touch wood you have had no real problems with using it on the pc.
    :T
  • jamesd
    jamesd Posts: 26,103 Forumite
    Part of the Furniture 10,000 Posts Name Dropper
    edited 6 September 2013 at 12:01AM
    Key logger can be OK if the code sent is tied to the transaction details. Key logger getting that code won't let it be used to set up a different account or amount, say. Drop down lists aren't immune to key loggers because those can log the stream of Windows/other OS events, not just keystrokes. Unless it is literally a key logger between keyboard and computer that doesn't also install malware as part of how it works. But drop downs do make it harder, so are useful and almost free to implement.

    But that sort of assumption is what a system should be designed to defeat: be secure against theft of money even when an attacker is in real time gathering and using everything the customer is doing. FD fails that sort of high stress situation pretty comprehensively, both without and with SecureKey.

    The NatWest types are inconvenient if you need them but in the NatWest implementation you don't need them to log in or usually make payments. In that respect, but not in the security when it's used for that, it's similar in when it's required to the FD setup, except FD does it at login. But unlike the FD system, this has a chance of surviving in a compromised situation.

    Santander's system works with any mobile phone, not just certain types of smartphone. But not with all text-enabled phones: it can't send to landlines even though many of those can handle text - I can send and receive texts on my landline and that's more secure than my mobile because it's harder to steal, so it would be my preferred number to use.
  • Ifts
    Ifts Posts: 1,960 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker Name Dropper
    Doshwaster wrote: »
    I've had the Secure Key for about 2 years now. I found it annoying to begin with but I have got used to it. It's small enough to fit into my wallet.

    Similar here, I got one of these to use with my HSBC current account a few years ago......

    I also found it annoying to begin with, mainly due to forgetting to have it with me but after a while I got used to using it and like you say it does fit in the wallet easily. I suppose people don't like change.

    I have been caught out though when I had to make a new payment and could not access internet banking because I did not have the keypad thingy with me.
    So now I have used it to link up my Santander account to my HSBC account and if I'm without the keypad I can still call HSBC telephone banking and transfer the money over the phone to my Santander account and then login to my Santander account and make the payment (if its a new payment with Santander they just send you a code to your mobile which I find easier as my mobile is always nearby).
    Never let the perfume of the premium overpower the odour of the risk
  • wiogs
    wiogs Posts: 2,744 Forumite
    Hominu wrote: »
    I can understand their point - after all, who uses Windows smart phones still? I thought they died a death a few years ago? You need to throw it into the local trash can and upgrade to an Apple or Google phone.


    I think you need to do some research into mobile phone technology to realise that Windows smart phones are anything but dead.
  • IronWolf
    IronWolf Posts: 6,441 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Combo Breaker
    I dont get why people are so bothered. Its not like banks dont refund you when you are defrauded. If you have any computer savvy at all you can avoid getting your computer hacked.
    Faith, hope, charity, these three; but the greatest of these is charity.
  • Hominu
    Hominu Posts: 1,671 Forumite
    00ec25 wrote: »
    I don't know the technical details but I don't see how Santander is better than others since you have to type the codes in so are wide open to a key logger. At least with Halifax it is select from the drop down list so immune (??) to a key logger

    I believe what was being talked about is security on setting up new payments.

    Halifax and TSB can you on your mobile or landline.
    Santander sends a text to your mobile.
    Nationwide, Natwest, Co-Op, etc use a card reader which generates codes based on the transaction information (account number, amount, etc)
    HSBC and soon to be FD generate a simple time dependant code. A fake website can request this code as part of a fake login and then use it to setup a new payment.
    First Direct currently requires none of the above.

    Therefore I'd say that FD is changing from "Worst security" to "Poor security".
  • Hominu
    Hominu Posts: 1,671 Forumite
    wiogs wrote: »
    I think you need to do some research into mobile phone technology to realise that Windows smart phones are anything but dead.

    What has mobile phone technology got to do with market share?

    Using typical market share reports such as NetMarketShare, you can see the typical pattern:

    iOS: 54%
    Android: 28%
    ...
    Windows Phone: 0.97%
    IronWolf wrote: »
    I dont get why people are so bothered. Its not like banks dont refund you when you are defrauded. If you have any computer savvy at all you can avoid getting your computer hacked.

    Its just another thing for the bank to bite back with: "The transaction was authorised by SecureKey, so it must have been you who authorised it.".
  • wiogs
    wiogs Posts: 2,744 Forumite
    Hominu wrote: »
    What has mobile phone technology got to do with market share?

    Using typical market share reports such as NetMarketShare, you can see the typical pattern:

    iOS: 54%
    Android: 28%
    ...
    Windows Phone: 0.97%





    Its just another thing for the bank to bite back with: "The transaction was authorised by SecureKey, so it must have been you who authorised it.".

    I was replying to your earlier post where you stated that you thought that Windows Smart phones had "died" years ago.

    They haven't - do keep up.
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.5K Banking & Borrowing
  • 252.9K Reduce Debt & Boost Income
  • 453.3K Spending & Discounts
  • 243.5K Work, Benefits & Business
  • 598.2K Mortgages, Homes & Bills
  • 176.7K Life & Family
  • 256.6K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture