The amount of security checks are becoming ridiculous.

[Deleted User]

I have tried to make a purchase of an item for £400. I put in my payment card, it then asks me to confirm the three digit code on the back of the card (as has always been the case). Next the website loads up a Barclays payment box and asks do I want to sent a text code or use the app. I select use the app. The app on my phone thing pings, I go to open it, it asks for verification, which I enter, it then asks me to confirm the payment is correct. I select yes, i then go back to the website and select that I have OK'd the payment. The order then completes. 

Three days later the company emails me advising I need to call them to confirm I made the order, I call them, they start asking me for my details. what is your DOB, what is your address, could I confirm the last four digits of the card. I said I am not giving them details over the phone. And the call ended. I mean what a lot of rot. I might as well go and draw out cash and pay for something in person. How many layers of security do you need?

tacpot12

You need more layers than you might imagine. The criminals are resouceful, persistent and merciless. 

SVts

That sounds a lot 

Transferring money from one bank to another seems to come with many possible fraud warnings before you eventually get to transfer. Its as if they are trying to put you off.
Just goes to show how big a problem is and also scary how much private data you are sharing i.e DOB, Mothers maiden name etc. 

All these checks then FirstDirect send a paper statement detailing every transaction I've made    often my mail is delivered next door and vice versa. 

[Deleted User]

tacpot12 said:

You need more layers than you might imagine. The criminals are resouceful, persistent and merciless. 

Yes but it remains the case that many websites to do not need authentication to be completed. So the criminals will just use those sites. Secondly they are removing the ease which made electronic payments benefit over cash. 

flaneurs_lobster

Don't care if banks insert lots of checks if it stops bad people stealing my money. 

I'd be more worried about that email/call from "the company" asking for lots of information they don't need, think you were right to terminate that conversation.

Did you still get your £400 thing? 

MattMattMattUK

[Deleted User] said:

tacpot12 said:

You need more layers than you might imagine. The criminals are resouceful, persistent and merciless. 

Yes but it remains the case that many websites to do not need authentication to be completed. So the criminals will just use those sites. 

Different companies have different appetite for risk, if you have a low appetite for risk and that means that you lose some orders, but all the criminals go to your competitors I would personally view that as a win. 

[Deleted User] said:
Secondly they are removing the ease which made electronic payments benefit over cash. 

Not really, cash is an absolute pain in the behind, even the process you describe, which I have never had the subsequent phone call still sounds far more convenient than using cash and making an in person payment. 

DullGreyGuy

SVts said:

Transferring money from one bank to another seems to come with many possible fraud warnings before you eventually get to transfer. 

When paying my HMRC bills I could say "yes" to at least half of the red flag warning points they raise.

I find it particularly odd when you've selected something like HMRC from their list of pre-setup account details that they show the same warnings

MattMattMattUK

DullGreyGuy said:

SVts said:

Transferring money from one bank to another seems to come with many possible fraud warnings before you eventually get to transfer. 

When paying my HMRC bills I could say "yes" to at least half of the red flag warning points they raise.

I find it particularly odd when you've selected something like HMRC from their list of pre-setup account details that they show the same warnings

I find this odd as well, I mean one would have to be the dumbest kind of stupid to pay one's personal (or business) tax bill with a stolen credit card or illegally accessed bank account.

DullGreyGuy

MattMattMattUK said:

DullGreyGuy said:

SVts said:

Transferring money from one bank to another seems to come with many possible fraud warnings before you eventually get to transfer. 

When paying my HMRC bills I could say "yes" to at least half of the red flag warning points they raise.

I find it particularly odd when you've selected something like HMRC from their list of pre-setup account details that they show the same warnings

I find this odd as well, I mean one would have to be the dumbest kind of stupid to pay one's personal (or business) tax bill with a stolen credit card or illegally accessed bank account.

No, the warnings for a FasterPay transfer are all about if you can trust the recipient is who they say, not paying under duress etc... so not about you doing the naughty but the recipient... hence HMRC can tick boxes 

TheElectricCow

It’s all well and good making me go through 3 pages of warnings and having to use two separate devices to transfer money between my own accounts, but all that security seems a bit pointless when they’re also quite happy to have a new debit card, pin code, and online banking info, delivered together on the same day, stuck in an unattended mail box inside envelopes that don’t do much to hide the contents.

A chain is only as strong as it’s weakest link after all, for a criminal it seems like a physical security breach would be a much easier way to go about things.

AstonSmith

The second half (phone call etc) seems a bit weird. Surely the company doesn't have liability since the SCA process was followed (CVV, 2nd factor auth)?

I wonder if it was for something else, like an issue with the order of some sort, but they wouldn't discuss it without authenticating yourself first. The DOB request might back this up, since it's not relevant to taking money from card.

Hopefully they'll refund you without hurdles.