We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Banks preventing fraud
Options
Comments
-
You could carry this on ad infinitum. If someone else had access to my computer, or the paper with the magic numbers on it, or or or...
This is the entire point of multi-factor identification.
A fraudster might have your phone OR your computer OR your piece of paper OR some personal information (DOB, mothers maiden name, etc). OR OR OR.
It is far less likely however that they have your phone AND your computer AND your credit file AND your personal information AND your piece of paper etc.
Answering questions from more than one "source" increases the degree of security - essentially removing any single point of failure.0 -
As I say, can anyone explain specifically how answering those questions proves that I'm not trying to commit some huge bank fraud?
They don't. But they aren't intended to, not specifically anyway.
The idea (rightly or wrongly) is to ask you to confirm simple pieces of information that should be immediately accessible to you, and to the Bank, but not to random fraudsters. If the Bank mentioned CRAs, then that's just nonsense.
In my experience, some of these Q&As aren't well thought through. For example, asking how many DDs you have is fine if there are fewer than 2 or 3, but when there are 5, or 10, or 15, no one is realistically going to know the number accurately without checking.
And then there's the whole issue of ID-ing people whose memories are not as good as they once were. What a nightmare that can be.0 -
I disagree - verification Q&A exercises like this are often driven by referring to credit file data held by CRAs rather than just looking at the bank's own account data.Cornucopia wrote: »The idea (rightly or wrongly) is to ask you to confirm simple pieces of information that should be immediately accessible to you, and to the Bank, but not to random fraudsters. If the Bank mentioned CRAs, then that's just nonsense.
In this case OP mentioned that one of the questions was "the date I opened another bank account at another bank", which wouldn't be data that TSB would know....0 -
I disagree - verification Q&A exercises like this are often driven by referring to credit file data held by CRAs rather than just looking at the bank's own account data.
In this case OP mentioned that one of the questions was "the date I opened another bank account at another bank", which wouldn't be data that TSB would know....
Yes, but it isn't as the OP put it: "They specifically told me those questions are from the scammers at the credit reference companies".
Would the info from CRAs be reliable enough to be part of the security validation routine?
TBH, the jury is still out on whether this was the TSB at all.0 -
Cornucopia wrote: »
Would the info from CRAs be reliable enough to be part of the security validation routine?
The reliability or otherwise of the information is not the issue at hand, because data from CRAs absolutely is used in the verification process, by banks and other organisations (HMRC being one).0 -
To be clear (because people are misunderstanding what I wrote)... I am talking about the context of the OP's original question. The CRAs have not demanded that these questions be asked - as the OP's comment implied. If the Bank staff said that they had, then that was nonsense.
If the OP had said/had implied that the data from CRAs was being used to validate a routine log-in security challenge, then that's a different question.
Anyway, have to go, I need to log in to my online banking...
0 -
You seem to be inferring something that OP wasn't implying - my understanding of the process is that TSB would invoke some sort of automated lookup to their CRA of choice, which results in a set of questions (and typically four multiple choice answers for each) being presented for the bank agent to ask the customer.Cornucopia wrote: »To be clear (because people are misunderstanding what I wrote)... I am talking about the context of the OP's original question. The CRAs have not demanded that these questions be asked - as the OP's comment implied. If the Bank staff said that they had, then that was nonsense.
If the OP had said/had implied that the data from CRAs was being used to validate a routine log-in security challenge, then that's a different question.
Therefore it was accurate for the agent to say that the questions were from the CRAs, and I can't see how OP implies anything else - the context is clearly questions being 'supplied by' rather than 'demanded by' the CRAs'!0 -
-
Ah right, I suppose I was just mentally filtering out some of OP's more paranoid ramblings as he/she is obviously one of those imaginative conspiracy theorists who likes to take a gratuitous sideswipe at anything in their (extended) line of fire!Cornucopia wrote: »My inference is being influenced by the use of the word "scammers".0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244K Work, Benefits & Business
- 598.9K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.3K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards