We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Secure key comes to First Direct
Options
Comments
-
drinkduffbeers wrote: »They don't seem to be in any hurry rolling this out to me
Anyone else still waiting?
Still waiting but in no hurry to get it!0 -
I have today had confirmation from First Direct that this text on their web site is misleading.First Direct state you don't need to be online to use the secure key:
"Do I need to be online to use the App on my device?
The Digital Secure Key is stand alone. It will work anywhere, without being connected to Wi-Fi or mobile networks. The Banking on the go App, however, needs a connection to link to your bank accounts."
They admit that there is a "mistake" with the design of the mobile app, so that it requires an internet connection in order to start and to generate a secure code.
They "may" change the text on their web page and they are working on resolving this issue with the app - the intention is that it should be possible to use offline, but at the moment it isn't.0 -
On the web page they published to help customers choose device, you are given the impression that if you choose the Digital Secure Key, "You can set up payments to new beneficiaries and new standing orders".
Well, this is actually not true. If you have a mobile device with the Digital Secure Key, you can not set up new beneficiaries. You need to have access to both the mobile device and another tablet/PC, because the mobile device where your Secure Key is installed is regarded as insecure so can't be used to set up new payments...!
Yet another failure for their communication of how this is going to work.0 -
Well, this is actually not true. If you have a mobile device with the Digital Secure Key, you can not set up new beneficiaries.
I don't know what you mean?
The way I read the website FAQs is that you can use either a SecureKey or a mobile device to generate a code, you then go to your PC and enter that code. Standard 2-factor security.
Are you saying that a mobile device is incapable of generate a code sufficient for setting up a payee but a SecureKey can? If so then yes, this is a fail on the part of FD.
But it wouldn't be a problem for me as I'd just ring them up whenever I wanted to create a new payee. As long as I didn't need the SecureKey for logging in and making payments to already existing payees, thats fine with me.0 -
I mean that the following text on their page:I don't know what you mean?Your first option is a [B]Digital Secure Key[/B], accessed through the Banking on the go App on your smartphone. The Digital Secure Key will make logging on to your App much quicker and easier. But you can use this to log on to your desktop or laptop too. With a Digital Secure Key you'll be able to: [IMG]http://www2.firstdirect.com/content_static/images/digitial_secure_icons.png[/IMG] [LIST] [*] You can view account balances [*] You can access statements [*] You can make a payment or a transfer to an existing beneficiary [*] You can access Sharedealing [*] You can set up payments to new beneficiaries and new standing orders [*] You can create and send a secure message [*] You can edit contact details [*] You can order replacement cards, or a new PIN number. [/LIST]
gave me the impression that you could use the mobile device, with Secure Key installed, to set up new beneficiaries. Note that it says "The Digital Secure Key will make logging on to your App much quicker and easier. But you can use this to log on to your desktop or laptop too.", which to me suggested that you could choose either to use the mobile device or a desktop/laptop to do the things they then list in the bulleted section.
No. It is capable of generating a code (as long as you have a data connection via WiFi or 3G) but you can't then on the same device set up new beneficiaries.Are you saying that a mobile device is incapable of generate a code sufficient for setting up a payee but a SecureKey can?
So - if you would like to be mobile and set up new beneficiaries, perhaps (I haven't got one so I can't test it) you need to have the Secure Key and not the Digital Secure Key, and then use the Secure Key to generate a code that you then use to log on using your mobile device without the Digital Secure Key...somewhat counter-intuitive to me.0 -
So - if you would like to be mobile and set up new beneficiaries, perhaps (I haven't got one so I can't test it) you need to have the Secure Key and not the Digital Secure Key, and then use the Secure Key to generate a code that you then use to log on using your mobile device without the Digital Secure Key...somewhat counter-intuitive to me.
Sounds like perfect common sense to me, they want to use the key as 2-factor authentication, so if you are going online from your mobile, you can't use the same mobile to generate an authentication token, but you could use a different mobile, a tablet, or a PC.0 -
I am all in favour of strong security, when implemented in a way that makes sense.Sounds like perfect common sense to me, they want to use the key as 2-factor authentication, so if you are going online from your mobile, you can't use the same mobile to generate an authentication token, but you could use a different mobile, a tablet, or a PC.
It is perfectly possible to pick up my smartphone, use the FD app to generate a Secure Code, then swap to the smartphone browser app, set it to emulate a desktop browser, go to the FD web page, log in using the secure key you just generated on the same smartphone and voilà, you have logged in and are able to create new beneficiaries.
So - if the reason FD has implemented their mobile app this way is that they want to prevent someone from using the same device to both generate the code and use it to log in, then they have failed.
My main complaint, however, was with the way that the functionality was described in their communications that were supposed to help people make an informed choice between the two secure options.
And, in any case, I find this a more clunky way of implementing security than the SMS-based OTP system used by many other banks.0 -
i have the Secure Key for HSBC Prem and the 'security key' for HSBC Business accounts. don't have a problem with either.:think:0
-
And, in any case, I find this a more clunky way of implementing security than the SMS-based OTP system used by many other banks.
Completely agree with you, if you have a phone to download the app onto, you have a phone which they can text a number to.
I'm guessing that since HSBC has been using SecureKey they have figures to prove that fraud has gone down and something like 90% of customers are happy with it, so it makes sense for FD to adopt it also. They probably have the bits to plugin to there website as well, making development of mobile app and website easier. It also means they can cope with people who don't have mobile phones (although I'd just get them to ring an automated service)0 -
They admit that there is a "mistake" with the design of the mobile app, so that it requires an internet connection in order to start and to generate a secure code.
They "may" change the text on their web page and they are working on resolving this issue with the app - the intention is that it should be possible to use offline, but at the moment it isn't.
This has now been resolved in the latest version of the Android app, so you can generate a code without internet access. :T0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.8K Banking & Borrowing
- 253K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.8K Work, Benefits & Business
- 598.6K Mortgages, Homes & Bills
- 176.8K Life & Family
- 257.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards