Coinbase have taken £1,000 from my partner's bank account (she doesn't have a coinbase account).

MikeJXE

Sunflower49 said:

.So you’re saying it could have been a different, separate device-I mean they’d need an email address or ‘phone number for the approval, I assume

 Yes an no

The way banking with Santander works ............

When you sign up your get your user number or whatever it's called, mine is 10 digits and you get a passcode 5 digits  plus other memorable information.

When logging into the bank enter the user number and you can tick the remember me box, then enter the passcode. this is the first device you set the online banking up with.

If I decide to log on with a different device as in Apple my iPhone, iPad or MacBook Pro which are linked, when I log into the bank the 10 digit number is there because I ticked remember me on the other device then I enter the 5 digit passcode. 

The bank knows I am logging in on a different device so I get the question if I trust this device, when I tick yes they send a 6 digit OTP code by text to my already registered device which incidentally comes to all 3 of mine including the one they are asking me if I trust. 

Now I can log into my bank on 2 devices, 1) the iPhone I set up the banking with plus 2) my iPad they now trust.

Thats where just because the phone was not used as they say, the iPad could have been even if it was the other side of the world as long as it was on wifi. The codes sent to approve the transactions would have been sent to both and approved with either. However that user would still need to know the 5 pin passcode 

Whether Santander knows which device I am using I have no id

No idea if this is the case with Android phones 

born_again

Sunflower49 said:

@born_again she did receive a decline letter and an offer to share details of the ‘ombudsman’ so I guess that’s that with the bank.

I am sure it doesn’t help, my choice of wording ‘taken’ is because I suppose I know partner didn’t send it herself on purpose. If someone has managed to send it then yes, It’s sent and this is what the bank appear to be saying. I have asked for clarification now however, so thank you-I can hopefully update soon once they’ve replied. I am inclined to think  that they say It's a card transaction, from memory but that's just memory-there's been so many letters and emails.

Statement will show what type of transaction it was, so check there.

If it's a card payment. Then no one has had access to the online banking.

Card details can be gained from any retailer card is used at, either online or in person. 

Only reason I can see for Santander to decline refund is if a Code was sent to their phone & used. Other than that their is no way to prove customer involvement. Without reporting transaction as fraud & retailer comes back with customer details. But they will not do that without refunding.

Sunflower49

@zagfiles

Nothing paired-and she hasn’t let anybody else use her card.

@mikeJXE thanks, that makes sense

It was card payments-I’ve looked at the statements. The bank’s stance is that it was authorised via her ‘phone so they won't refund. I guess the onus is on her to argue that it wasn't authorised via her 'phone but on another device, fraudulently.

Sunflower49

That link on the first page to report it to CB isn't working unfortunately. Tried from two different devices and it keeps saying 'The letters in the image don't match' (for the captcha I think) but it doesn't reveal any letters/image even upon refreshing. I am going to try to find another way but no luck so far. 

kaMelo

Sunflower49 said:

@zagfiles

Nothing paired-and she hasn’t let anybody else use her card.

@mikeJXE thanks, that makes sense

It was card payments-I’ve looked at the statements. The bank’s stance is that it was authorised via her ‘phone so they won't refund. I guess the onus is on her to argue that it wasn't authorised via her 'phone but on another device, fraudulently.

Santander would sent a OTP via text message to a customers registered number, the fact this is then forwarded from the phone via iCloud to linked devices is obviously not known by Santander. As far as they're concerned they've sent it to the correct number.  What they will know however is which device is being used to log in to online banking. 

Most flat out rejections like this from the Ombudsman are because the bank have technical evidence shown to the Ombudsman that the same device(s) used for the transaction, OTP, and OLB are the same as previously used and currently still in use..

jimjames

MikeJXE said:

The way banking with Santander works ............

When you sign up your get your user number or whatever it's called, mine is 10 digits and you get a passcode 5 digits  plus other memorable information.

When logging into the bank enter the user number and you can tick the remember me box, then enter the passcode. this is the first device you set the online banking up with.

I believe there was an incident recently (trying to find BBC article without success at the moment) where someone had their card and phone stolen which allowed the criminal to access their account and PIN. With both items they were able to register a new phone using the card number and then authorise it by getting the OTP sent to the phone which was displayed on lock screen. New phone then has full access to the account and can display PIN code so they can use the card. Very clever and makes it look like the owner has been careless with their PIN yet it was the bank that disclosed via app.

grizzlegrizzle

Can anyone confirm whether Coinbase would have required the name on the card to match the name on the Coinbase account? I believe that this would be their requirement for bank transfers but don't know about cards and don't have a Coinbase account to check. 

GlasgowExpat2

jimjames said:

MikeJXE said:

The way banking with Santander works ............

When you sign up your get your user number or whatever it's called, mine is 10 digits and you get a passcode 5 digits  plus other memorable information.

When logging into the bank enter the user number and you can tick the remember me box, then enter the passcode. this is the first device you set the online banking up with.

I believe there was an incident recently (trying to find BBC article without success at the moment) where someone had their card and phone stolen which allowed the criminal to access their account and PIN. With both items they were able to register a new phone using the card number and then authorise it by getting the OTP sent to the phone which was displayed on lock screen. New phone then has full access to the account and can display PIN code so they can use the card. Very clever and makes it look like the owner has been careless with their PIN yet it was the bank that disclosed via app.

https://www.mylondon.news/news/west-london-news/woman-bank-account-drained-8000-24932022

languid

Hi OP, I can't see that you confirmed your partner was definitely using an iPhone. Is there a chance your partner was using an older Android phone, possibly form OnePlus?

Band7

GlasgowExpat2 said:

jimjames said:

MikeJXE said:

The way banking with Santander works ............

When you sign up your get your user number or whatever it's called, mine is 10 digits and you get a passcode 5 digits  plus other memorable information.

When logging into the bank enter the user number and you can tick the remember me box, then enter the passcode. this is the first device you set the online banking up with.

I believe there was an incident recently (trying to find BBC article without success at the moment) where someone had their card and phone stolen which allowed the criminal to access their account and PIN. With both items they were able to register a new phone using the card number and then authorise it by getting the OTP sent to the phone which was displayed on lock screen. New phone then has full access to the account and can display PIN code so they can use the card. Very clever and makes it look like the owner has been careless with their PIN yet it was the bank that disclosed via app.

https://www.mylondon.news/news/west-london-news/woman-bank-account-drained-8000-24932022

I was thinking about this case for a minute, too, but in the case of the OP, the phone didn't go missing, so it was probably a different issue. I thought about a SIM swap scam, too - but again, this seems unlikely as the phone in the case of the OP continued to work (or at least we haven't been told differently).