Coinbase have taken £1,000 from my partner's bank account (she doesn't have a coinbase account).

Sunflower49

Forumuser7 So sorry, I missed your response!

Yes, signature is the same (different details obviously).

So this is an investigator rather than the ombudsmen?

Thanks-I will ask for escalation. 

That last email was saying basically this is it, they've investigated and they thnk It's her and want a reply within four days. I replied within the four days asking fore more time-no response so I got back to them again today with some details obtained from this thread.

Thanks for the link, I will look at that. 

With Santander, yes I did write to them several times, with details, answering their questions and they responded and then I said I'd go to the ombudsman and filled in the form.

And thanks so much for the extensive reply-don't know how I missed it!In my defense I am working and it has been busy.

If they come back to me (or even if they don't!) I will ask for an escalation to the 'actual' ombudsmen service. 

MikeJXE

zagfles said:

Santander login requires a 5 digit PIN. Could it be that your partner uses the same PIN for the phone? Could someone have seen you/her entering the PIN to unlock the phone? Could the phone have been taken while you were napping, maybe it was left at the entrance to the tent, or in a bag outside? Or maybe dropped outside the tent?

So called 2FA would likely have been useless if the second factor is sending a text to the phone that a thief has managed to access the account on!!

Santander do indeed use a 5 pin passcode and a phone uses 6.

Everyone is assuming it's the phone, My set up is iPhone iPad and MacBook Pro, I don't need the phone to access Santander I can do it on all 3, An OTP comes to all 3 so,  if they are using Apple devices and it wasn't authorised on the phone it could have been done on an iPad which is elsewhere. Even so whoever accessed Santander would have to know the passcode because it is not stored on the iPhone. Not sure if this is relevant to Android devices. 

The mind boggles 

Sensory

Was it a debit card transaction, bank transfer or open banking? Coinbase allow all three, although the latter two would be much harder to carry out fraudulently if your partner was sleeping.

How exactly do Santander know it was her phone that was used to facilitate the whole transaction process? Santander and Coinbase do not share internal systems.

ForumUser7

Sunflower49 said:

Forumuser7 So sorry, I missed your response!

Yes, signature is the same (different details obviously).

So this is an investigator rather than the ombudsmen?

Thanks-I will ask for escalation. 

That last email was saying basically this is it, they've investigated and they thnk It's her and want a reply within four days. I replied within the four days asking fore more time-no response so I got back to them again today with some details obtained from this thread.

Thanks for the link, I will look at that. 

With Santander, yes I did write to them several times, with details, answering their questions and they responded and then I said I'd go to the ombudsman and filled in the form.

And thanks so much for the extensive reply-don't know how I missed it!In my defense I am working and it has been busy.

If they come back to me (or even if they don't!) I will ask for an escalation to the 'actual' ombudsmen service. 

No worries!

And yes, how it works is when you refer to the FOS your case is in a holding queue, then it is assigned to an investigator. If either you, or the bank, disagrees with the investigators view you can ask for it to be passed to an ombudsman who will review it further. Both of these people work for the ombudsman service, it’s just the ombudsman’s decision is legally binding

SiliconChip

MikeJXE said:

zagfles said:

Santander login requires a 5 digit PIN. Could it be that your partner uses the same PIN for the phone? Could someone have seen you/her entering the PIN to unlock the phone? Could the phone have been taken while you were napping, maybe it was left at the entrance to the tent, or in a bag outside? Or maybe dropped outside the tent?

So called 2FA would likely have been useless if the second factor is sending a text to the phone that a thief has managed to access the account on!!

Santander do indeed use a 5 pin passcode and a phone uses 6.

Says who? Your phone may have a 6 digit PIN, but mine has one of whatever length I set it up with, which as it happens is 5 digits. Of course, it's not the same as my Santander number, and I never expect to need to use the phone PIN again as I have other security methods set up, but your assertion does not mean that the OP's partner didn't use the same PIN.

ZeroSum

SiliconChip said:

MikeJXE said:

zagfles said:

Santander login requires a 5 digit PIN. Could it be that your partner uses the same PIN for the phone? Could someone have seen you/her entering the PIN to unlock the phone? Could the phone have been taken while you were napping, maybe it was left at the entrance to the tent, or in a bag outside? Or maybe dropped outside the tent?

So called 2FA would likely have been useless if the second factor is sending a text to the phone that a thief has managed to access the account on!!

Santander do indeed use a 5 pin passcode and a phone uses 6.

Says who? Your phone may have a 6 digit PIN, but mine has one of whatever length I set it up with, which as it happens is 5 digits. Of course, it's not the same as my Santander number, and I never expect to need to use the phone PIN again as I have other security methods set up, but your assertion does not mean that the OP's partner didn't use the same PIN.

Depends on brand. Huawei for example requires a 6 digit, you can't opt for lower amount.

born_again

Sunflower49 said:

grumbler said:

So, was the money taken or sent?

I guess 'sent'? 

'Signature- Joe Bloggs| Investigator | 02079641126

Financial Ombudsman Service | Exchange Tower, London, E14 9SR'

Thank you Flower, I will do that with the ombudsmen. 

Thanks Mike, that makes sense and I agree- I am an ex police worker and the cleverer banks get, the more adept criminals become to overcome it

FOS will not get involved unless your partner has been through Santander complaints procedure & either received a deadlock letter or decline.

Sorry but "I guess sent" does not help.

Would need to know exactly what type of payment it is to give any useful advice. 

Sunflower49

@MikeJXE I thought that too-my ‘phone allows me to pick how many digits my PIN is although I believe It’s a minimum of four (It’s a Samsung something or other). My banking app pin is 6 and fixed at 6 however.

So you’re saying it could have been a different, separate device-I mean they’d need an email address or ‘phone number for the approval, I assume

 

@Sensory I have asked this now. I don’t know as of yet, sorry. I will have a look back over the paperwork and see if they’ve mentioned it too. I have emailed the investigator to ask too-It’s a good point!

 

I will ask @forumuser, thank you-I understand now.

@siliconchip yes, you make a good point-she assures me it isn’t the same PIN and I do believe her, who’s daft enough to do that –quite a few people, probably—

 

@born_again she did receive a decline letter and an offer to share details of the ‘ombudsman’ so I guess that’s that with the bank.

I am sure it doesn’t help, my choice of wording ‘taken’ is because I suppose I know partner didn’t send it herself on purpose. If someone has managed to send it then yes, It’s sent and this is what the bank appear to be saying. I have asked for clarification now however, so thank you-I can hopefully update soon once they’ve replied. I am inclined to think  that they say It's a card transaction, from memory but that's just memory-there's been so many letters and emails.

Sunflower49

I have tried contesting via coinbase using that link, but they're not accepting the payment references I have-says they have to be longer (more characters)I'll ask partner to get back onto her bank.

zagfles

The type of transaction (bank transfer/card payment/open banking) is fundamental, if it was a card transaction then no access to the online account would have been required, just the card number and probably CVV (3 numbers on the back), and possibly some form of "2FA". If the 2FA was a text message, these can often be read by someone without having to get into the phone, it may appear as a notification on the screen even if the phone is locked, or does she have any bluetooth device paired with the phone (eg a smart watch, car system etc) which can access text messages?

If it was card, has she asked for a new card - they would usually send a new card with new number if a card has been used fraudulently.

TBF many, maybe even most, fraudulent card transactions (like a lot of crimes) are committed by someone known to the victim. Did she ever let anyone else use her card?