Is there any worse online banking than HSBC?

Alex9384

ndf9876 said:

My tuppence-worth as a recent switcher to HSBC - I don't think the digital experience is particularly great, nor do I think it's the worst out there. I found Nationwide's online offerings to be far worse, and Lloyds to be far better. As I do 99% of my banking entirely from my smartphone, a feature-rich app is really important to me. When Chase sort their act out, I will certainly look at that account, I'll also look at Monzo and Starling in due course (I don't want to be a serial account switcher!).

I think HSBC app is anything but feature-rich. You'll see that when you open your Monzo. Using HSBC is like going 20 years back in time.

gt94sss2

Alex9384 said:

Anyway, who has Monzo (or any other app-only bank) as their only bank? 

A surprising number of people - I don't understand it either.

Eco_Miser

Alex9384 said:

American Express only requires login and password. That's it.

Tesco, only login, password and memorable info

TSB, same as Tesco above
Lloyds / Halifax, same as Tesco and TSB, but occasionally send SMS

Metro, same as Tesco and TSB

Barclaycard, same as above

Nationwide, same as above, plus SMS

Some banks ask you if you're on a trusted device and then don't send you SMS anymore.

TSB also send SMS occasionally, and ask if you trust the device.

Trust disappears and you're back to SMS every time if you clear relevant cookies, as with LBG brands.

KxMx

Logging into HSBC with the physical secure key is quick and simple. 
Long press green button. 
Enter 4 digit pin
Press green button
= code generated 

I do find the buttons a bit small and fiddly though. 

Alex9384

Eco_Miser said:

Alex9384 said:

American Express only requires login and password. That's it.

Tesco, only login, password and memorable info

TSB, same as Tesco above
Lloyds / Halifax, same as Tesco and TSB, but occasionally send SMS

Metro, same as Tesco and TSB

Barclaycard, same as above

Nationwide, same as above, plus SMS

Some banks ask you if you're on a trusted device and then don't send you SMS anymore.

TSB also send SMS occasionally, and ask if you trust the device.

Trust disappears and you're back to SMS every time if you clear relevant cookies, as with LBG brands.

I've got a TSB account, as well as all the other accounts I mentioned. I don't regularly delete cookies and TSB almost never ask me for SMS code. LBG only from time to time.

Lumiona

Not rtft so apologies if this has been answered. For the code generator, there are a few options across the top of the app that you need to choose, it is not obvious though and easily missed. Log On/ Transaction/ Reauthenticate/ Device switch.

I agree it is not the most user friendly system but does seem secure at least. 

Alex9384

Deleted_User said:

Eco_Miser said:

TSB also send SMS occasionally, and ask if you trust the device.

Trust disappears and you're back to SMS every time if you clear relevant cookies, as with LBG brands.

As far as I'm concerned I don't trust these cookie monsters that allegedly set up these "trusted devices". It looks to me like an invitation to hackers & scammers to get to work. I won't  fall for the "trusted devices" trick and always clear off all the cookies after my session. Therefore I'm delighted that TSB always sends me SMS and, if perchance it didn't, I wouldn't log in but instead I'd do a thorough clean of my PC before starting the log-in process from scratch.

I'm not a compter expert but I think in order to hack you, they would need you to either download their malicious software that would give them access to your computer, or let them call you and do all the job yourself. How is anyone going to hack me just because my bank stored cookies on my laptop?

Eco_Miser

Deleted_User said:

Alex9384 said:

Deleted_User said:

Eco_Miser said:

TSB also send SMS occasionally, and ask if you trust the device.

Trust disappears and you're back to SMS every time if you clear relevant cookies, as with LBG brands.

As far as I'm concerned I don't trust these cookie monsters that allegedly set up these "trusted devices". It looks to me like an invitation to hackers & scammers to get to work. I won't  fall for the "trusted devices" trick and always clear off all the cookies after my session. Therefore I'm delighted that TSB always sends me SMS and, if perchance it didn't, I wouldn't log in but instead I'd do a thorough clean of my PC before starting the log-in process from scratch.

I'm not a compter expert but I think in order to hack you, they would need you to either download their malicious software that would give them access to your computer, or let them call you and do all the job yourself. How is anyone going to hack me just because my bank stored cookies on my laptop?

I've been working with designing & maintaining computer systems for decades so I am aware of the need for security. For example burglars might break into your house at night steal your laptop and gain access to all the data on it. They can even, while in your house, access your laptop and take advantage of it being "trusted".

I fail to see why anyone wants to keep a vast number of cookie monsters alive many of which may spy on you and risk the possible consequences. Why not just take a few seconds to receive a text code (or similar) validation?

Even when burglars have physical possession of your device, they have to first enter your password (or fingerprint or whatever) to access the device, then (having found and connected to the url of your bank) they have to input your banking password, and possibly 'memorable information' before they can log in to your bank. Not having cookies adds two extra steps - your username and the 2FA.

One reason for not wanting to receive an SMS is that it can take much longer than a few seconds to receive.

I keep the cookie monsters under control, but some I find worthwhile. After all if I can't trust my bank, should I be banking with them?