We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Annoying changes to security on Nationwide
Comments
-
I don't blame the banks for it.Socajam said:
You cannot blame the banks for that.Ergates said:
The problem with password via SMS is that if the banking app is also on your phone then it's not really 2 factor authentication - as anyone who has your phone would also receive any SMS sent to it.samwardill said:Nationwide have recently started asking for card reader confirmation for transactions made on their mobile app. They insist that they have always done this but they have never done this on my account before. I used to pay my builder from the app for huge amounts. This is really annoying because it means I need to carry a card reader as well as a mobile phone. I don't know why they can not use a properly authenticated app or a mobile phone text confirmation like other banks.
They can only do so much, and no everyone are going to be happy0 -
OK, but the problem is that banks shouldn't be setting up their SCA systems based on what *some* customers *might* have in place.masonic said:Ergates said:
The problem with password via SMS is that if the banking app is also on your phone then it's not really 2 factor authentication - as anyone who has your phone would also receive any SMS sent to it.samwardill said:Nationwide have recently started asking for card reader confirmation for transactions made on their mobile app. They insist that they have always done this but they have never done this on my account before. I used to pay my builder from the app for huge amounts. This is really annoying because it means I need to carry a card reader as well as a mobile phone. I don't know why they can not use a properly authenticated app or a mobile phone text confirmation like other banks.In some cases this will be true, but a phone secured with a strong password or biometrics and set to lock after a short time would be 2FA as anyone would need device + lockscreen password or device + biometrics to gain access to the app.It is also good practice in this age when SMS is wrongly treated as secure, to configure your device not to display the contents of SMS messages on the lockscreen. Unfortunately there are no mitigating steps you can take against SIM-swap.0 -
IMHO if you can't be bothered to put a strong password on your smartphone's lockscreen, you shouldn't have any banking apps set up on your phone. People need to take a bit of personal responsibility for their own security. I'm personally not in favour of banks imposing draconian measures on everyone to protect the irresponsible.Ergates said:
OK, but the problem is that banks shouldn't be setting up their SCA systems based on what *some* customers *might* have in place.masonic said:Ergates said:
The problem with password via SMS is that if the banking app is also on your phone then it's not really 2 factor authentication - as anyone who has your phone would also receive any SMS sent to it.samwardill said:Nationwide have recently started asking for card reader confirmation for transactions made on their mobile app. They insist that they have always done this but they have never done this on my account before. I used to pay my builder from the app for huge amounts. This is really annoying because it means I need to carry a card reader as well as a mobile phone. I don't know why they can not use a properly authenticated app or a mobile phone text confirmation like other banks.In some cases this will be true, but a phone secured with a strong password or biometrics and set to lock after a short time would be 2FA as anyone would need device + lockscreen password or device + biometrics to gain access to the app.It is also good practice in this age when SMS is wrongly treated as secure, to configure your device not to display the contents of SMS messages on the lockscreen. Unfortunately there are no mitigating steps you can take against SIM-swap.
3 -
Agreed.masonic said:IMHO if you can't be bothered to put a strong password on your smartphone's lockscreen, you shouldn't have any banking apps set up on your phone. People need to take a bit of personal responsibility for their own security. I'm personally not in favour of banks imposing draconian measures on everyone to protect the irresponsible.
Sadly, this applies in all walks of life1 -
Like another poster on here, I am totally fed up with banks, SMS, card readers and passwords. I haven't quite got to the "back to just using branch services" yet, but very close. Nationwide no longer offer me any advantages over others, so I've just stopped using them. The CoOp is currently my favorite as they send any verification via email. Tesco offer retained user-wide payees rather than just account specific, which is useful. With Nationwide I had to transfer to one account to pay someone I had paid previously, which was a right pain. There are so many choices now that there is bound to be a bank that offers you most of what you want/need. Unfortunately none seem to value customer loyalty or listen to what you require, so just switch.
Keef - Sheerness, Kent UK0 -
In the past 13 years since I opened my first adult account, I have experienced fraud once, but probably spent 500 hours or more dealing with anti-fraud measures such as waiting for SMSes, having to call Lloyds because they don't believe I want to send myself £50, having to walk to a branch because the guy on the phone has poor hearing and refused to use the phonetic alphabet. I have zero security on my phone and frequently log in to online banking on public wifi. I use the same PIN for all cards, and same passwords where possible with all banks and accounts. I would gladly reimburse the bank for that £40 fraudulent transaction if some of the more onerous anti-fraud measures were removed.The funny thing is that particular credit card which had the fraudulent transaction always sends an SMS to confirm online transactions, but the fraudulent transaction was performed as a phone sales customer-not-present transaction that didn't require an SMS confirmation.0
-
I was wondering - if somebody managed to hack into your current account, apply for a £10,000 loan online and got an instant decision and then transferred that £10,000 into their account and also transferred up to your credit limit from your credit card also into your current account and then into their account whether you would say ho-hum it's my fault I will gladlt just repay that money or would you be asking the bank for a refund
I don't suppose you would be so blase then1 -
If that is in fact true, you are a brilliant example for why fraudsters are still making a killing, and for why the public at large are getting ever more stringent security measures on bank and other accounts.hermante said: I have zero security on my phone and frequently log in to online banking on public wifi. I use the same PIN for all cards, and same passwords where possible with all banks and accounts.
If there was a #DigitalDarwin award, you'd stand a good chance to win it.5
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.6K Banking & Borrowing
- 253K Reduce Debt & Boost Income
- 453.3K Spending & Discounts
- 243.6K Work, Benefits & Business
- 598.3K Mortgages, Homes & Bills
- 176.7K Life & Family
- 256.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards