First Direct withdrawing 'limited access' online banking

[Deleted User]

I got an email from those knuckle-draggers at First Direct telling me that from September I won't be able to log on to their online service via the password and memorable data; I will have to use that bloody stupid SecureKey every time, even if I just want to see the balance. They claim this is because of the new regulations. BS! The new regulations state nothing of the sort. BOS have implemented a system that registers your PC as a trusted device. Marcus send a OTP to your email. First Direct though - they are going backwards, forcing you to carry something with you at all times if you want to access online banking via a PC. I wonder how much fraud there's been via limited access banking? Not very much I'd guess. I might kick them into touch; bloody morons.

Willing2Learn

The European Union second Payment Services Directive will require "strong customer authentication" on most electronic payments in the European Economic Area from September 14, 2019. The requirement ensures that electronic payments are performed with multi-factor authentication, to increase the security of electronic payments.

Brewer20

Those knuckle draggers are keeping your money secure, is it that much of a pain to have to input extra security?

[Deleted User]

Brewer20 wrote: »

Those knuckle draggers are keeping your money secure, is it that much of a pain to have to input extra security?

In a word, yes. Due to the reason explained - having to have the device with you if you're accessing the service.

eskbanker

johnsmith1890 wrote: »

I got an email from those knuckle-draggers at First Direct telling me that from September I won't be able to log on to their online service via the password and memorable data; I will have to use that bloody stupid SecureKey every time, even if I just want to see the balance. They claim this is because of the new regulations. BS! The new regulations state nothing of the sort. BOS have implemented a system that registers your PC as a trusted device. Marcus send a OTP to your email. First Direct though - they are going backwards, forcing you to carry something with you at all times if you want to access online banking via a PC. I wonder how much fraud there's been via limited access banking? Not very much I'd guess. I might kick them into touch; bloody morons.

It's hardly surprising that banks have interpreted the new regulations in different ways and adopted varying approaches - the technical standards were published in March 2018, 18 months ahead of implementation in September 2019, but with less than three months left to go, the EBA have last week issued an opinion document about what's deemed acceptable!

https://eba.europa.eu/documents/10180/2622242/EBA+Opinion+on+SCA+elements+under+PSD2+.pdf

I take your point about the amount of fraud conducted via FD's limited access service but strongly suspect that they've simply deemed it untenable to persist with a two-tier security model when trying to comply with the increasingly stringent regulations, so the loss of a less secure but limited function capability is just collateral damage, inconvenient though it is to those who use it (including yours truly!)....

System

Can you not use their phone app to authenticate?
I know that their parent bank HSBC UK allows this.

eskbanker

Heng_Leng wrote: »

Can you not use their phone app to authenticate?
I know that their parent bank HSBC UK allows this.

Yes, you can, they include Digital Secure Key functionality within their app and they actively promote that rather than the physical variant:

https://www1.firstdirect.com/help/secure-key/

colsten

johnsmith1890 wrote: »

..... forcing you to carry something with you at all times if you want to access online banking via a PC.

johnsmith1890 wrote: »

In a word, yes. Due to the reason explained - having to have the device with you if you're accessing the service.

The something or the device can be your mobile phone. Don't you have one that can run the FD app?

As an aside, using the app would also be massively more secure than using a PC when you are not at home. Though how often do you have a need to log into your FD account when not at home?

18cc

Personally I think this is an excellent idea get rid of memorable information completely I want my account to be totally and utterly secure if only Nationwide would do the same

Terry98

I have quite a few banking apps that work very well but FD have got to sort out the secure key by September otherwise quite a few of their customers will be leaving.

It was only after I had the app for a few months that I realised I could have a fingerprint login using the secure key. It appears the only way to set it up is via the phone using another phone.

When I changed my phone a few months later the secure key was left on my old phone and the only way to get it back was ringing them up again.So I gave up and just used the app the old way.

colsten

Terry98 wrote: »

It was only after I had the app for a few months that I realised I could have a fingerprint login using the secure key. It appears the only way to set it up is via the phone using another phone.

I never had to ring them to set up touch ID, or face ID. I just enabled it in Security Settings and it was done.

Terry98 wrote: »

When I changed my phone a few months later the secure key was left on my old phone and the only way to get it back was ringing them up again.So I gave up and just used the app the old way.

Changing phone can be a major undertaking. Even if you restore a backup from your previous phone, you can lose data and/or functionality. For example, your Health data on iPhones doesn't get preserved, and you might have to set up your Apple Wallet again from scratch. I haven't experienced any problems with the 19 banking apps I have. They migrated smoothly to my new iPhone. The only thing they asked is whether I want to use face ID, where I previously had used touch ID.