We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
West Brom BS Security
dosh37
Posts: 496 Forumite
Should I be concerned by the apparent lack of online banking security on the West Brom BS website?
To login, all you need is account number, date of birth and a 4 digit PIN.
There is no password, memorable information or two factor authentication.
0
Comments
-
If you try to do anything involving account management, SMS (or landline phone call) OTP verification is then required.2
-
Well I'm concerned, it does seem to be an outlier when considering the dozens of other institutions that hold money for me, I'm not recalling any other that hasn't implemented at least some form of 2FA (or an app protected by the app & device security).
You might argue that this is of less concern since withdrawals can only be made to authenticated nominated accounts in the same name - but that is not really the point.1 -
I agree I can see why you are concerned but, I only have a regular saver with them and the sums of money involved are relatively small so I think the risks are ok for me.0
-
It doesn't concern me tbh.
0 -
Having two different areas to log in for their WebSave or Savings Portal isnt very user friendly needing different password/PIN, just have one common platform with 2FA etc0
-
dosh37 said:Should I be concerned by the apparent lack of online banking security on the West Brom BS website?To login, all you need is account number, date of birth and a 4 digit PIN.There is no password, memorable information or two factor authentication.Have a look at GS Marcus's login then....All you need is email (hardly secret) and a password and you are inThe rational is as with others that you can only withdraw to your nominated account so if anyone unauthorised does gain access they cannot themselves get any money to their own accounts.Santander I recall just has a username which you can 'save' on your computer and a pin for loginIt is quite possible though that GSMarcus (and probably West Brom/Santander ) are storing cookies on your computer so that if those are not present then some form of 2FA is then used....
0 -
Definitely true in the case of Santander.x44 said:
.....dosh37 said:Should I be concerned by the apparent lack of online banking security on the West Brom BS website?To login, all you need is account number, date of birth and a 4 digit PIN.There is no password, memorable information or two factor authentication.It is quite possible though that GSMarcus (and probably West Brom/Santander ) are storing cookies on your computer so that if those are not present then some form of 2FA is then used....
0 -
pafpcg said:
Definitely true in the case of Santander.x44 said:
.....dosh37 said:Should I be concerned by the apparent lack of online banking security on the West Brom BS website?To login, all you need is account number, date of birth and a 4 digit PIN.There is no password, memorable information or two factor authentication.It is quite possible though that GSMarcus (and probably West Brom/Santander ) are storing cookies on your computer so that if those are not present then some form of 2FA is then used....Not for just logging in to Santander online banking. I clear everything from each session, the Santander login process sometimes requires an OTP, but more often than not will allow me through to the accounts page with only user ID + 5-digit security number.Once in I don't always need an OTP to make a payment either.As for West Brom, I'm on the 'not really an issue' side - the PIN prevents other people seeing what I have in the accounts and accessing other information, and is as 'secure' as any of the PINs on debit cards I have, which (in the right circumstances) could allow access to thousands of pounds.0 -
And you cannot transfer direct from one to the other. To get money from a WebSave account to a West Brom account it has to go out to an external account.NanookOfTheNorth said:Having two different areas to log in for their WebSave or Savings Portal isnt very user friendly needing different password/PIN, just have one common platform with 2FA etc0 -
I think these three provide enough security for viewing your accounts.dosh37 said:Should I be concerned by the apparent lack of online banking security on the West Brom BS website?To login, all you need is account number, date of birth and a 4 digit PIN.There is no password, memorable information or two factor authentication.0
![[Deleted User]](https://us-noi.v-cdn.net/6031891/uploads/defaultavatar/nFA7H6UNOO0N5.jpg)
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.3K Banking & Borrowing
- 253.2K Reduce Debt & Boost Income
- 453.8K Spending & Discounts
- 244.3K Work, Benefits & Business
- 599.5K Mortgages, Homes & Bills
- 177.1K Life & Family
- 257.8K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards