Credit Card without text / passcode?

01NSkinner

Are there many credit cards that don't demand to send a passcose by text when ordering online? We don't all live for our mobile phones. Some of us are capable of turning the phone off for a while. Total pain to have to turn it on just to get a passcode.

MikeJXE

Not sure about that but I am sure I would rather my money be safe than not 

01NSkinner

But hasn't there been at least a case of a phone being stolen at the same time as a credit card and a message scrolling through the top of the screen even when not signed in - it doesn't actually make the transaction safer and the company any less responsible?

MikeJXE

Do whatever you wish but I am sure the banks and customers would be happy if you found a better way 

Martin_the_Unjust

You could always leave your phone on but have it in silent mode and only look at it when you want to?

Or stick to cash and only use physical shops.

jbrassy

I don't think this will be possible since new laws require that banks have multifactor authentication to improve security (came in under PSD2 I believe). Is it that much of an inconvenience to turn on your phone to receive one text or email? The whole point of this is to reduce fraud.

I'm sure if fraudsters stole money using your credit card you'd be even more annoyed compared to receiving one text message?

MrFrugalFever

jbrassy said:

I don't think this will be possible since new laws require that banks have multifactor authentication to improve security (came in under PSD2 I believe). Is it that much of an inconvenience to turn on your phone to receive one text or email? The whole point of this is to reduce fraud.

I'm sure if fraudsters stole money using your credit card you'd be even more annoyed compared to receiving one text message?

And would most likely spend a large amount of time on their phone trying to deal with the fraudulent transactions! Ironically.

lr1277

Are you willing to tell us what authentication you would be prepared to perform? Then other posters might be able to give you suggestions as to possible solutions.

1) I thought I read on here that some banks still send text messages to landline phones. If that is still possible (though it may not be), can you have your landline phone near your computer so that you receive such a call?

2) Are you willing to be logged into the card provider's website whilst making the online purchase? Though again I don't know if this is a viable solution.

3) Are you willing to use some kind of keypad you keep at home? Some keypads don't require the associated card and others do.Again I don't know if any providers allow you to authenticate transactions using a keypad but it isn't beyond the realm of possibility.

I used to have the previous John Lewis card (JV with HSBC) and I think they sent text messages to my phone. I couldn't get the Newday John Lewis card so have no idea how they authenticate transactions.PS. I just remembered, for the last few months of using the JL card, transaction authentication was done in the app.

I moved to the FD credit card. In 2021, my keypad for my FD current account died. This was used for logging into FD and also allowing transfers to new payees. FD customer service said you can have a new keypad but it will take a few weeks. In the meantime do you want to try our app and if you don't like it you can go back to the keypad. I agreed and have been using the app ever since to do most of my banking.

Regarding the texts to landline phones I know I sent texts to landline phones maybe 10 years ago. Though I tried in the last 2-3 years and it didn't work. So I am not sure if it works now nor whether any card providers use it as a means of authentication.

Gerry1

SMS verification should never be used for Strong Customer Authentication because it's inherently insecure; it's only as good as the mobile telco's customer service staff (who may be overseas, low paid or poorly trained), so any apparent security is completely outside the bank's control.  Unfortunately Nationwide, NatWest, Santander, The Co-operative Bank and TSB still use SMS in this way.

Better not to give them your mobile number and use a card reader (e.g. the Barclays PINSentry or Nationwide card reader) which requires you to insert your debit card to generate the One Time Passcode.  Even if your phone and card were both stolen, you'd still be protected because the thief would have to know your card PIN as well.

Some companies e.g. Aqua (New Day) will telephone your landline with the OTP.

bozo007

The problem is when you are outside UK. Barclays will now allow authentication only through their app, Halifax already does it. But this requires a data connection and roaming can be expensive. Banks should also allow authentication through a third party app, like Google or Microsoft Authenticator, which does not require an internet connection and are equally secure.

daivid

01NSkinner said:

But hasn't there been at least a case of a phone being stolen at the same time as a credit card and a message scrolling through the top of the screen even when not signed in - it doesn't actually make the transaction safer and the company any less responsible?

Of course it makes it safer. To get the code from a phone the fraudster has to physically have it (or be able to see it at least), thats before considering the possibility that the owner may set their display settings to only preview texts when the phone is unlocked… The only time I've had fraudulent activity on one of my cards it was all done remotely and the card was still in my possession - most likely the details had been copied by a cashier somewhere - had there been a need for 2 factor identification none of the fraudulent transactions could have happened as none of my email, phone or apps had been compromised.