Concerned about one time codes if my phone is lost, stolen or damaged

helibird

I am getting more and more worried about accessing my bank accounts if  my phone is lost, stolen or damaged. With most of my accounts I would now be unable to access the account if any of the above happened as they insist on sending a one time code for me to login. Has anyone had this problem happen to them? What bank was it and how did you resolve it?

jon81uk

Phone the bank up and they either authorise over the phone or put codes in the post.

JGB1955

With Nationwide you can use a card reader instead of getting a code.

helibird

Hmm, I could see that being inconvenient, for example if I was abroad and my phone was stolen. Surely they should provide an alternate means of verifying a log on - email OTC  plus a security qn or something like that. 

es5595

Yup, ‘sim-swap’ fraud is growing, yet there are very few warnings about it - https://www.bbc.co.uk/news/technology-50043230
As well as sending OTPs to phones, their should be better recognition of using OTP generators, the one built into onepassword for instance means it requires faceid to use, so is useless if the phone is stolen, but with the right credentials I can access my vault from any computer, regaining access to all these passcodes. 

whitesmith

If you lost your phone then 1. ask your phone provider to send a replacement SIM and 2. buy a replacement phone. This means hopefully you will only be without access for a few days.

FD, HSBC do not use SMS (which is inherently insecure so you should avoid banks that use it anyway). Monzo I believe send a link by email to use on a new phone. I don't think Starling or Virgin use SMS either. Not sure about Natwest but they didn't when I have their account some time ago. As above, NWide give you other means to log on.

jon81uk

helibird said:

Hmm, I could see that being inconvenient, for example if I was abroad and my phone was stolen. Surely they should provide an alternate means of verifying a log on - email OTC  plus a security qn or something like that. 

Do you really check your online banking that often when abroad?

I bank with First Direct and it’s pretty easy to sort things over the phone instead if needed.

helibird

Yep I do need to bank while abroad. I go away for 2 - 3 months at a time so regularly want to move money, check credit card and bank balances etc. Carrying several gadgets as well as a phone and a laptop  is a PITA. I have multiple bank accounts to take advantage of various interest paying accounts, different credit card charges plus insurance that comes with some (Nationwide flex plus) so may need to move money between accounts. OK my banking life is complicated but anyone who travels would know what a pain it is when something goes wrong and the thought trying to phone multiple banks from abroad after a lost phone gives me the shudders! An alternative validated method that could be done online is surely a better way to so do things and could be set up in advance.

Blackbeard_of_Perranporth

My codes come to either my mobile or my landline!
Mind you, in Twenty Years, I have not lost my trinket!

etienneg

helibird said:

Carrying several gadgets as well as a phone and a laptop  is a PITA.

A card reader is quite small, and likewise "gadgets" from other banks. I carry a laptop when going abroad and have a card reader and FD "gadget" in one of the laptop bag pockets. Don't make a big issue of it. Problem solved.

The idea of 2FA is reliance on two conceptually different methods - often summarised as "something you know" and "something you have". Passwords fall into the first of these and phone, card reader, etc. into the second. Just using passwords for online access (as you are suggesting when you say "set up in advance") is not sufficient for 2FA.

Uxb1

The Card readers were designed to be used by any card
I've used a Natwest reader while away from home with my Barclays card to authroise a new payment.