Do I need a mobile phone to make an online transaction?

passinghamt

My bank has told me it will insist that I receive an SMS message on my mobile when I make an online transaction with their credit or debit card. They claim this is down to new industry-wide regulations and they cannot support any other method.

What does the industry expect people to do when they either have no mobile phone (or need to buy one online because their old one doesn't work!) or who live in areas with no reception?

Surely there must be alternatives, whether by landline, or email, or some other device that can generate a code independently? If not I would claim this is a discriminatory practice, saying you can't do internet shopping without a mobile phone.

Browntoa

Email can be hacked , landline can be intercepted , mobile needs to be in your hands at the time of purchase.

It's not descrimitory

[Deleted User]

Ask if you can receive it on your landline. Obviously you would need to be at home for this to work.

madvicker

It comes down to PSD2 regulations. Without getting technical, it means that all online transactions must go through 2-factor authentication. There are exceptions, but in general it will mean that in future your mobile will be used to authenticate your transactions. And it doesn't discriminate, if everyone needs to do it, then that is not discriminating.....

Chino

Browntoa wrote: »

mobile needs to be in your hands at the time of purchase.

Well, that may be the theory but...
https://www.theguardian.com/money/2016/apr/16/sim-swap-fraud-mobile-banking-fraudsters

The solution for the OP is to vote with his or her feet and choose a card issuer that offers more options for cardholder verification.

jimbo26

In any case it isn't illegal to discriminate on the basis of mobile phone ownership. A term often banded about but discrimination is only illegal if it is used to discriminate against race, religion sex, to name a few. Full list here, but mobile phones aren't on it. https://www.gov.uk/discrimination-your-rights

Buy a cheap phone and a £1 PAYG SIM.

safestored4

I bank with NatWest and don!!!8217;t have a mobile phone. When I paid my Barclaycard account this week online they conducted the verification process via my landline. So not all financial institutions are adopting the approach taken here. I!!!8217;d switch my account to a bank that seems to have some regard for its customers wishes.

Fingerbobs

jimbo26 wrote: »

Buy a cheap phone and a £1 PAYG SIM.

Or order a PAYG SIM totally free from one of the mobile phone network's web sites? No need to even pay £1.

passinghamt

What do people do when there is no mobile signal?

I realise that I used the word 'discrimination' which has a much deeper legal meaning, but nonetheless I do believe such a policy does adversely effect some people, and that this is unfair and avoidable.

Further, there are many articles on the web saying that SMS is not secure enough to satisfy PSD2. This is one. https://www.eba.europa.eu/regulation-and-policy/payment-services-and-electronic-money/regulatory-technical-standards-on-strong-customer-authentication-and-secure-communication-under-psd2?p_p_auth=h2QgTfXh&p_p_id=169&p_p_lifecycle=0&p_p_state=maximized&p_p_col_id=column-2&p_p_col_pos=1&p_p_col_count=2&_169_struts_action=%2Fdynamic_data_list_display%2Fview_record&_169_recordId=1363567

Browntoa

Chino wrote: »

Well, that may be the theory but...
https://www.theguardian.com/money/2016/apr/16/sim-swap-fraud-mobile-banking-fraudsters

The solution for the OP is to vote with his or her feet and choose a card issuer that offers more options for cardholder verification.

SIM swaps can only happen if people are careless with their personal data ( I cannot believe the amount of personal
data people freely give out on Facebook and Instagram or blogs )and a friendly shop worker or call centre worker in most cases.

I use facial recognition and fingerprint access for online banking , are we also going to say that it's unfair to people without devices capable of doing that.

2 step is a necessary evil to stop fraud , as fraud adapts down the line expect even more changes

We are all paying the price for people's carelessness , clicking on links in emails to install that bit of software or " verifying their personal details" on that fake web page . Openly posting birthday , address etc on Facebook without locking down their security levels so nobody apart from close friends can see it . Throwing out bank statements etc in the bin bag without shredding . People's stupidity is forcing us down this route .

passinghamt

Browntoa wrote: »

SIM swaps can only happen if people are careless with their personal data ( I cannot believe the amount of personal
data people freely give out on Facebook and Instagram or blogs )and a friendly shop worker or call centre worker in most cases.

I use facial recognition and fingerprint access for online banking , are we also going to say that it's unfair to people without devices capable of doing that.

2 step is a necessary evil to stop fraud , as fraud adapts down the line expect even more changes

We are all paying the price for people's carelessness , clicking on links in emails to install that bit of software or " verifying their personal details" on that fake web page . Openly posting birthday , address etc on Facebook without locking down their security levels so nobody apart from close friends can see it . Throwing out bank statements etc in the bin bag without shredding . People's stupidity is forcing us down this route .

To repeat, what do people do if they have no mobile phone signal?

The industry need to provide an additional solution that does not reply on mobile phones. For instance, many banks in the UK provide personal card readers that require the users pin to be entered and then display a verification number. That would be a good solution, not relying on mobile devices that are prone to many different security problems and signal failures.