Security gone mad

eskbanker

born_again said:

eskbanker said:

born_again said:

Nasqueron said:

If you'd done it in the app, it would go through fine normally, doing it over the phone will always invite extra questions and security per the various scams and bank liability

Santander APP now goes through all these questions. Even when paying into own accounts.
Which TBH, is how a lot of money is lost to fraudsters. 
Move to one of your own accounts & then moved out of there...

Are you referring to their measures to combat APP (Authorised Push Payment) scams or just their app (i.e. the software on phones, etc)?

Just the Phone APP, do not use the online banking enough to say about that side.

To the best of my knowledge the security checks will be the same for payments initiated via the app or online banking, but the point was really that there's a difference between "APP" and "app", so you're actually meaning 'phone app', not 'phone APP'.

Belenus

Not Santander but I had 'fun' recently with NS&I. National Savings and Investments.

I have had an NS&I account for decades for Premium Bonds and also a Direct Saver account (yes, I knew the interest rate was less than elsewhere).

I recently changed bank account from HSBC to Lloyds (for a nice £200 bonus) so I changed my Bank Account record on NS&I online via the web site.

The next day I went online again to withdraw £999 from my Direct Saver account, leaving just £1 in there to keep the account open, as I can get a better interest rate elsewhere in a recently opened Trading212 Cash ISA.

The next day NS&I phoned me to check that this was not fraud. Fair enough, the proximity of the change in bank account and withdrawal request should prompt a security check.

It took at least fifteen minutes of many detailed security questions before they would accept that I was the genuine account holder and that the withdrawal was genuine and not fraudulent or forced upon me.

Some of the questions were easy but some were about things that happened years ago. Old dates, old phone numbers, dates of old transactions from years ago etc.

I finally satisfied them and the transfer went through ok.

I was pleased they NS&I take security seriously but the number of questions appeared very excessive.

Oh well, better too much than too little security I suppose.

eDicky

eskbanker said:

eDicky said:

Zopa_Trooper said:

Isn't the truth its all automated so no actual human is even involved?

Yes, in the first instance at least it's all automated, no other way. Which would be fine, if their systems and algorithms involved were actually fit for purpose. They obviously are not, illustrated by your story and all the others recounted here. Meanwhile the instances of fraud continues to rise...

Not according to UK Finance:

Thanks for your correction.

The figures are still pretty high, indicating to me that there's much room for improvement in fraud prevention measures currently used by banks.

Hopefully the higher costs in reimbursement they are likely to bear under the new regulations will encourage them to invest in more effective systems to identify possible fraudulent payments, but without so many false positives and the inconvenience caused, as at present.

GeoffTF

eDicky said:

Hopefully the higher costs in reimbursement they are likely to bear under the new regulations will encourage them to invest in more effective systems to identify possible fraudulent payments, but without so many false positives and the inconvenience caused, as at present.

The costs under the new regulations will be lower than they were under the old voluntary code. The big banks all applied the voluntary code, and will have lower costs under the new regulations.

GeoffTF

wiseonesomeofthetime said:

friolento said:

Ballard said:

I dare say that we all encounter this issue and it can be a little frustrating but I can understand why banks put this on every transfer. Filtering certain payments could open them up to claims that they weren’t told to be careful.

Even if it’s an internal transfer to another of my accounts, what if someone else has POA on that account but not my main one (I’m making an assumption that this is feasible)? The bank would need to employ ever more complex arguments within their system to cover everything. It’s easier for them to just ask the question each time and know that they’ve complied. 

I have never had any internal transfers held for further checks. Still waiting for the OP to clarify whether they made an internal transfer or a payment.

It does smack more of a payment to a new payee  security approach than an internal transfer between accounts  one to me too.

The destination Santander account has an account number and sort code. The OP could either have done an internal transfer, or set up his new account as a payee and kicked off a Faster Payments transfer, which involved extra checks.

eskbanker

GeoffTF said:

eDicky said:

Hopefully the higher costs in reimbursement they are likely to bear under the new regulations will encourage them to invest in more effective systems to identify possible fraudulent payments, but without so many false positives and the inconvenience caused, as at present.

The costs under the new regulations will be lower than they were under the old voluntary code. The big banks all applied the voluntary code, and will have lower costs under the new regulations.

Agreed - costs for the major players should decrease for at least three reasons, i.e. the £100 excess they can now levy, the £85K claim limit, and also the fact that the receiving bank is now expected to share the cost.  I remain convinced that this last measure will be the most significant, as it'll force the smaller players with weaker security to up their game when they're on the hook for more cost than before, thereby making it harder for fraudsters to open accounts in the first place.

friolento

GeoffTF said:

wiseonesomeofthetime said:

friolento said:

Ballard said:

I dare say that we all encounter this issue and it can be a little frustrating but I can understand why banks put this on every transfer. Filtering certain payments could open them up to claims that they weren’t told to be careful.

Even if it’s an internal transfer to another of my accounts, what if someone else has POA on that account but not my main one (I’m making an assumption that this is feasible)? The bank would need to employ ever more complex arguments within their system to cover everything. It’s easier for them to just ask the question each time and know that they’ve complied. 

I have never had any internal transfers held for further checks. Still waiting for the OP to clarify whether they made an internal transfer or a payment.

It does smack more of a payment to a new payee  security approach than an internal transfer between accounts  one to me too.

The destination Santander account has an account number and sort code. The OP could either have done an internal transfer, or set up his new account as a payee and kicked off a Faster Payments transfer, which involved extra checks.

Exactly, and if the OP chose to make a payment to a new payee, rather than an internal transfer, it would be easier to understand why the fraud algorithm kicked in.

varkanoid

Been trying to deposit a cheque using Santander app and its useless. Followed the take a photo guide and it still fails. On the very slim chance you can get it to say "hold still" and the red line goes round the circle it fails. If I click on the white circle to take the photo when its in the square it fails. Used a different device still fails no matter what light or background you use dark or light.

The old app worked fine everytime with cheques.

Left a 1* review on Playstore and just seen on my phone developers have responded to my review. Yep they deleted it. Which is strange as there are other 1* reviews still on there.