The Top Easy Access Savings Discussion Area

grumbler

masonic said:

grumbler said:

KevinG said:

friolento said:

jak22 said:

There have been grumbles about no PIN on the Tandem app - with access knowing the phone number is enough to get a code. After the latest update the phone now 'helpfully' offers to autofill that. This maybe OS dependent and prob uses the number from the SIM which doesn't update after porting so it's not even a good system. Autofill isn't really the direction we might want banking apps to be taking.

The code gets sent to the mobile you have registered and are using at the time you want to log into Tandem. What would you gain from having to manually check your message inbox, remembering the code and then manually entering it into Tandem? Or to ask the question in a different way: what do you consider the security exposure when the code is autofilled?

Exactly what I was thinking, there is no security risk whatsoever, it is just more convenient.

IMO, it's just pointless. Most people have the app and the SIM in the same phone. Only those few who don't have them in the same phone benefit from some extra security from the code.

The code stops everyone who knows your phone number from being able to install the app on their device and to find out your balance, etc. If they didn't send a code during login, that would be a serious problem. As it is possible to be logged in on multiple devices, and there is no way of finding out about other logged in devices, people could be snooped on without their knowledge.

True, but any thief can do this if your SIM isn't PIN-locked. To me it looks more than 0.5FA rather then common 2FA (or 1FA sometimes for logging in).

masonic

grumbler said:

masonic said:

grumbler said:

KevinG said:

friolento said:

jak22 said:

There have been grumbles about no PIN on the Tandem app - with access knowing the phone number is enough to get a code. After the latest update the phone now 'helpfully' offers to autofill that. This maybe OS dependent and prob uses the number from the SIM which doesn't update after porting so it's not even a good system. Autofill isn't really the direction we might want banking apps to be taking.

The code gets sent to the mobile you have registered and are using at the time you want to log into Tandem. What would you gain from having to manually check your message inbox, remembering the code and then manually entering it into Tandem? Or to ask the question in a different way: what do you consider the security exposure when the code is autofilled?

Exactly what I was thinking, there is no security risk whatsoever, it is just more convenient.

IMO, it's just pointless. Most people have the app and the SIM in the same phone. Only those few who don't have them in the same phone benefit from some extra security from the code.

The code stops everyone who knows your phone number from being able to install the app on their device and to find out your balance, etc. If they didn't send a code during login, that would be a serious problem. As it is possible to be logged in on multiple devices, and there is no way of finding out about other logged in devices, people could be snooped on without their knowledge.

True, but any thief can do this if your SIM isn't PIN-locked. To me it looks more than 0.5FA rather then common 2FA (or 1FA sometimes for logging in).

Indeed. I'm not defending the use of a SMS as the only form of authentication. I agree it's weaker than only requiring a strong password. It relies on you physically securing your device from others at all times, which for most people isn't practical. But having nothing would be much worse.

As well as a SIM PIN, people need to ensure that the content of SMS messages isn't displayed on their lockscreen, which is not usually the case by default.

SAC2334

sheffieldeagle said:

SAC2334 said:

sheffieldeagle said:

grumbler said:

liamcov said:

SirHugo said:

BestSeagull said:

SirHugo said:

BestSeagull said:

janusdesign said:

castle96 said:

Just to confirm - no£3 fee ... TRUE?if I dont bother with cashback, etc. Just want to bung £4k in there

just chatted with Santander...

14:00, Aug 17 - Sarah: The fee is applied after the conditions of the account are met for the first time.
14:01, Aug 17 - You: so if I never use the current account, there is no fee? also, is there a hard credit check done on an application for the current account ??
14:01, Aug 17 - Sarah: That's correct There is, yes

i'm not sure that I can be bothered to apply for a current account that i'm never going to use, just to access a savings account that lasts for a year for £280 in interest - i'll likely wait until there is a switch offer and then use one of my other unused current accounts for that.

I don't think I'm going to bother with this one either, too many hoops.
 And when you think about it, we're not  missing out on £280. Just on the 2% difference between Tandem at 5% and Santander at 7% so that's what, £80. Less if rates continue to rise.

No hoops - less than 10 mins to open the account, opening the Edge saver was immediate, put the 4k in and that's that.

Probably won't use the account but good to have an extra fee free card for abroad. At the end of the day it's a nice little burner account for when the next switch offer comes around that I'm eligible for. I just switched my Santander Everyday account last month.

What about the £3 fee though, and this from MSE? 

"To get it, you need a Santander Edge current account – a bills cashback account with a £3 monthly fee. And to keep the current account you must deposit at least £500 a month and have two or more active direct debits."

If you have a look through the last several pages of this thread you'll see that you don't have to fulfil the criteria you mentioned - it's only needed to activate the cashback element of the account. If you don't set up two direct debits - or pay in the £500 a month - then the £3 fee never kicks in.

The comments about this started around the morning of the 15th August.

Does this work as I also have a San Lite? Can you have both current accounts at the same time?

I have both - joint Edge and sole Lite.

Hi

Anyone have both as sole accounts? I was thinking of applying for the Edge to get the saver at 7%.

Cheers

I have a Santander Everyday current account , no charges , no cash back .I also have the Edge saver with £4k in it, funded from the Everyday Account  and its showing 6.78 % interest when I check. 

This could be a Santander glitch but I hope they honour it, if not I will switch back  to the Edge current account and try and get enough cashback to justify the bank charges.

So you had an Edge account and then downgraded?

Cheers

Yes, under advice from Santander because I was nt earning enough on casback and direct debit payments from the Edge Current  to cover the bank charges . I also moved the £4 k from the Edge Saver ( 4 % at at the time ) leaving a small amount in it 

jak22

The new autofill on the Tandem app isnt, as missed in the upvoted replies, the code received by SMS which has been a feature for ages and is helpful on many devices, but the phone number you enter into the app to get that code sent to unlock.

This phone number is either the number in the SIM which if still correct removes the one thing the user has to know to gain access to the account, or if the number's been ported is likely no longer correct, an annoyance.  Either way its not a benefit.

Some seem happy with the operation of the app relying on only verified accounts being linked - or are happy to set up a SIM lock just because of the way this one banking app works.

friolento

jak22 said:

 

Some seem happy with the operation of the app relying on only verified accounts being linked - or are happy to set up a SIM lock just because of the way this one banking app works.

A SIM lock is a very sensible precaution against SIM swaps for anyone who has banking any apps, or other sensitive apps and data, on their phone, and for anyone who doesn't want to lose access to their mobile. It's nothing specifically required for Tandem, it's just good practice. As is not displaying text messages on the locked screen. If your mobile phone provider supports it, you can further protect yourself by putting a password on your mobile account, so fraudsters couldn't just ring up pretending to be you and asking for a SIM swap.

jak22 said:

The new autofill on the Tandem app isnt, as missed in the upvoted replies, the code received by SMS which has been a feature for ages and is helpful on many devices, but the phone number you enter into the app to get that code sent to unlock. 

This feature has been on my Tandem app from day one, and I have used Tandem for ages now. I can't see an issue with it - quite the contrary, as it saves me typing my phone number.

As an aside, if you type a phone number that isn't registered on your account, they say they have sent a 6-digit code to that number but in actual fact, it never arrives. Not that I have an issue with that, I am just mentioning it, and it is reassuring that the code doesn't get sent to just anyone.

masonic

jak22 said:

The new autofill on the Tandem app isnt, as missed in the upvoted replies, the code received by SMS which has been a feature for ages and is helpful on many devices, but the phone number you enter into the app to get that code sent to unlock.

This phone number is either the number in the SIM which if still correct removes the one thing the user has to know to gain access to the account, or if the number's been ported is likely no longer correct, an annoyance.  Either way its not a benefit.

Some seem happy with the operation of the app relying on only verified accounts being linked - or are happy to set up a SIM lock just because of the way this one banking app works.

That would be a feature of the password manager or OS running on your device, not the Tandem app. You should be able to configure it not to remember your username (phone number) for the Tandem app if you wish. However, it is very easy to find out the phone number of a mobile phone you have in your possession, unlocked, on both Android and iOS devices. You cannot keep your phone number secret from others who have use of your phone. Secure lockscreen settings and a SIM PIN are essential if you register your phone number with any financial institution, as you need to ensure your phone cannot be used by others if it is ever out of your possession.

There is also a feature where the Tandem app will automatically read and submit the code sent via SMS if it is sent to the same device as the app. This is a feature of the Tandem app, and that is the one some of us thought you meant from the description you gave.

I set a SIM PIN long before Tandem existed. There are many more services put at risk if you don't do this than your Tandem app.

KevinG

jak22 said:

The new autofill on the Tandem app isnt, as missed in the upvoted replies, the code received by SMS which has been a feature for ages and is helpful on many devices, but the phone number you enter into the app to get that code sent to unlock.

Not for me it isn't, it's never done that, it's the 6-digit code it sends by text.

where_are_we

For the uninitiated, a pin lock on their sim is in addition to a pin lock screen for their mobile. Search how to do it for your particular mobile. Security of your mobile is more paramount than ever in this day and age and I am amazed at how complacent lots of mobile users are. Last week I found a mobile on a bench while out for a walk and it didn`t even have a screen lock set up.

quirkydeptless

where_are_we said:

For the uninitiated, a pin lock on their sim is in addition to a pin lock screen for their mobile. Search how to do it for your particular mobile. Security of your mobile is more paramount than ever in this day and age and I am amazed at how complacent lots of mobile users are. Last week I found a mobile on a bench while out for a walk and it didn`t even have a screen lock set up.

I have shifted from mostly doing finances from my Laptop to being almost entirely dependent on my mobile phone in just the past few years (2FA and mobile finance apps) and hadn't until Yesterday ever set a SIM PIN lock on it (mainly 'cos I wasn't aware of the extra security feature), so thanks for the useful tip, although I hope it never comes to a point where it is needed.

Drifting off topic, maybe needs to be in another thread.

SeriousHoax

quirkydeptless said:

where_are_we said:

For the uninitiated, a pin lock on their sim is in addition to a pin lock screen for their mobile. Search how to do it for your particular mobile. Security of your mobile is more paramount than ever in this day and age and I am amazed at how complacent lots of mobile users are. Last week I found a mobile on a bench while out for a walk and it didn`t even have a screen lock set up.

I have shifted from mostly doing finances from my Laptop to being almost entirely dependent on my mobile phone in just the past few years (2FA and mobile finance apps) and hadn't until Yesterday ever set a SIM PIN lock on it (mainly 'cos I wasn't aware of the extra security feature), so thanks for the useful tip, although I hope it never comes to a point where it is needed.

Drifting off topic, maybe needs to be in another thread.

If your mobile has a memory card, you can also password that as well.