We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

Visa Secure. Is it really?

13»

Comments

  • "Apps" I've never trusted them for banking.

    I use apps for two security systems but banking is via the laptop. This is possible as I've never tried but the fear stories in the press have put me off.
    Apps particularly with face ID or finger prints or PIN access are a lot safer than on a laptop which could be infected with malware, key loggers etc. I wouldn't waste time on media scare stories 
  • eskbanker
    eskbanker Posts: 32,643 Forumite
    Part of the Furniture Photogenic Name Dropper 10 Posts
    How does the OP failure to periodically update and confirm his personal profile with the bank/credit card provider make Visa Secure not so secure? 

    Next someone will complain that “Signed for” mail sent to an address where one lived 10 years that was not removed for one profile is the Bank failure to deliver important information 🙈
    And why does everyone immediately leap to the conclusion that our personal information has NOT been updated as and when changes occur? It's quite depressing to read the reactions from reactionaries on here. When we have had a change, we have notified the banks.
    Simple fact is far too many never update their details when getting a new phone, email etc. Even worse the number that never advise of change of address. You would be amazed at how much mail comes back to bank. No longer at this address. 🤬

    Currently setting up a team to go through all customers & ensure details are correct. Which you will be surprised to know how many people kick off when you are checking their details. Saying it's none of the bank business..
    Out of curiosity, do you know if your employer retains old data when informed of new contact details?

    OP obviously considers that they supplied new details with an expectation (not unreasonable) that the old ones would be overridden, which is why I was indirectly suggesting that the ICO might be interested in any deliberate retention of data known to be out of date.  I can understand why any credit organisation might see potential value in old data that could conceivably be used to establish contact (in order to protect themselves if someone updates their contact details to be 01234 567890 and blah@blah.com for one thing), but that doesn't make it legal to retain that....
  • born_again
    born_again Posts: 16,201 Forumite
    Fifth Anniversary 10,000 Posts Name Dropper
    Well we can not see old data on customers accounts. It could be hidden in the background, but that is something I do not know. I just know if you start to update, it will delete what was there before & no way to get it back...

    But thinking about OP's case. It did make me wonder if that as you have mentioned old data is stored, or that the new visa/mastercard systems are not interacting with the banks system as simply showing old data.

    Often any update on a system, will break a link to another given the complex nature of the systems & the number of different parts all trying to interact with each other (& that is just internal) then bring in outside systems & all hell can break lose...
    Life in the slow lane
  • Marchitiello
    Marchitiello Posts: 1,270 Forumite
    Eighth Anniversary 1,000 Posts Combo Breaker Name Dropper

    Often any update on a system, will break a link to another given the complex nature of the systems & the number of different parts all trying to interact with each other (& that is just internal) then bring in outside systems & all hell can break lose...
    While what you state is indeed possible with internal system that are built on custom integration, those payment integration by VISA, MasterCard, Amex etc follow standard protocols, and in this case rely on a system call from Visa into the Bank database.. 

    it may well be that the front end updates done by Bank personnel are then not updating the database that is being called by the Visa Secure Integration, but that again would be a Bank internal issue not Visa Secure.

    There are instances of business that use copies of databases dedicated to specific integrations, and these database could be forgotten when a new Data Management system comes into play (i have overseen a project once that incurred in such a scenario, pre GDPR) but the GDPR legislation should have triggered processes and reviews within all UK/EU organisations to ensure this would not be happening .

    bottom line that the fault of the wrong number/email being shown on a Visa Secure pop up is to do either with the Bank or the Customer.

    a Personal Data access request to said institution, followed up but evidence of their data mismanagement may well point out the underlining problem within the bank and thus trigger the fixing for al customers .. I would still be surprised however if the OP had the same issue with multiples banks


  • born_again
    born_again Posts: 16,201 Forumite
    Fifth Anniversary 10,000 Posts Name Dropper
    I would not hope for a fix. Most banks systems are archaic & held together by the previable sticking tape.
    TBH. Data request will most likely just show the current data & not what you are hoping for. 

    Just look what happened when TSB brought their new system online.. & how much it cost them in pay outs.

    We had IBM come in & look at what we do. They could not believe how many times we have to duplicate stuff in our dept just to do a simple dispute. They said should be easy to fix. 6 years later still waiting. As it's not just a little bit to fix. It needs a whole new internal banking system. But that then has to fit in with all the external banking systems. Payments & other systems.
    I was told when I joined that the main system we use (DOS based) Now that confuses the hell out of the young ones 🤣 on how to work it. Still going strong after more years than I care to remember. Despite annual updates it will be gone this year.


    Life in the slow lane
  • Marchitiello
    Marchitiello Posts: 1,270 Forumite
    Eighth Anniversary 1,000 Posts Combo Breaker Name Dropper
    edited 8 December 2022 at 5:18PM
    I would not hope for a fix. Most banks systems are archaic & held together by the previable sticking tape.
    TBH. Data request will most likely just show the current data & not what you are hoping for. 

    Just look what happened when TSB brought their new system online.. & how much it cost them in pay outs.

    We had IBM come in & look at what we do. They could not believe how many times we have to duplicate stuff in our dept just to do a simple dispute. They said should be easy to fix. 6 years later still waiting. As it's not just a little bit to fix. It needs a whole new internal banking system. But that then has to fit in with all the external banking systems. Payments & other systems.
    I was told when I joined that the main system we use (DOS based) Now that confuses the hell out of the young ones 🤣 on how to work it. Still going strong after more years than I care to remember. Despite annual updates it will be gone this year.


    Under a Subject Data Access Request they have an obligation to share all the data they hold about the requestor with very few exceptions. Under the GDPR legislation they would have a dedicated Data Officer and a Policy and procedures documents where they would have done a full system architecture analysis and identified all the systems database/data warehouse/data lakes etc holding customer data and any query should trigger a process of extracting said data by each system database.

    it is important to point out the differences between a system / application and the data storage used by the system. The system itself can be archaic, badly functional, even creating data error, but ultimately the data will be held in Tables behind the system.

    when a third party need to access some of the Bank data, like a payment processor in this case, a mapping of the data required is done to the exact field In the system table (or usually a separate database copy). So as an example a call for a specific card number should return an active telephone number from a dedicated Database that the bank has made available for said mapping. 

    If what the OP has described is indeed true, the likely scenario is that the updated information in the bank system are not actually updating the above mentioned dedicated Database. This may well be that when they have done some system architecture change they have not ensured the “job” that update the database when a change is done in the live system, actually still work (the job could have stopped working or source of the job no longer mapped or again the destination of the job has for any number of reason changed).

    I did not want to go to technical but I felt it was due to put away some of the incorrect suggestions that keeps coming up in this thread
Meet your Ambassadors

Categories

  • All Categories
  • 345.7K Banking & Borrowing
  • 251K Reduce Debt & Boost Income
  • 450.9K Spending & Discounts
  • 237.8K Work, Benefits & Business
  • 612.5K Mortgages, Homes & Bills
  • 174.3K Life & Family
  • 250.9K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 15.1K Coronavirus Support Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.