Recommendations for alternative bank - HSBC requiring phone app

GeoffTF

dekaspace1 said:

This is annoying for me as my main phone doesn't work with many apps as it's rooted, and my backup phone is too old to work security apps.

Some other banks let me login without an app but to see/download statements I have to use the app which is a nightmare.

I am sure this has been said previously, but you should not have problem. You do not need a phone at all with Nationwide. A dumb phone is sufficient with Santander. With Nationwide, you can use a card reader. With Santander, you do not need use your phone (or any other security device) to login to your account, and see and download your statements. You can often make Faster Payments to frequently used own accounts without using your phone too.

EnPointe

clairec666 said:

Is there any reason they can't do a "secure code by text message" like some other banks do?

Because that is is actually extremely insecure compared to  a phone app that uses good 2FA  

EnPointe

clairec666 said:

Nasqueron said:

clairec666 said:

Nasqueron said:

clairec666 said:

Rich2808 said:

While they are keen to promote the use of the mobile app HSBC haven't phased out physical keys yet in the UK - and you can still use them and order new ones in branches etc?

Did I miss them announcing an end date?

One option of course is to have a second phone which you leave at home for banking apps - so you aren't carrying it around with you.

I resent HSBC's approach and I think everyone should be given choice as to how they access their account.

Is there any reason they can't do a "secure code by text message" like some other banks do?

To be blunt - this is how private businesses work, they don't cater to individual whims but what is profitable for them, quite rightly private firms should not be forced to keep using card readers where there are better ways

SMS is even less secure so is rightly being stopped

I've nothing against newer app-only banks, they have built their businesses on a younger tech-savvy clientele and aren't ever going to provide branches, or often even phone lines too. But I think high-street providers should still be catering for their existing customers rather than coercing them into using technology they might not be comfortable with.

For the record, I'm not an "older" customer, but I don't want to use an app for everything.

Nothing about the age, First Direct have been around online for decades, plenty of older people work without branches though all of them have phone lines to some extent e.g. for fraud reporting. You're welcome to your opinion but it's simply how businesses operate that they should be allowed to move to other systems that the vast majority use

HSBC are free to go app-only if that's how they want to run their business. What is annoying me is that they offer "online banking" but are not-so-subtly trying to lead people towards their app instead. If they don't want to offer access via a web browser, they should just do away with it altogether and be upfront about it. In which case, I'll make my decision as to whether to install the app or ditch HSBC and go elsewhere.

again  utterly incorrect 

EnPointe

Section62 said:

Nasqueron said:

clairec666 said:

GeoffTF said:

Nasqueron said:

Banks typically stop access when the system OS is no longer supported by the manufacturer, typically 5-6 years with Apple and better Android devices, one phone every 5-6 years is normal, it happens with all devices as a phone that old isn't secure and is a risk to use

I do not know of any bank that does that. Anyway, security updates just reduce the risk, they do not eliminate it.

No banking apps would install on my last phone, because it was running an old version of Android.

Using a phone over 6 years old is a security risk because the software isn't having security patches, hence banks don't want to risk their software being compromised and yuou losing money, it's akin to leaving all your doors and windows open at home. You can get an Android 14 (full, not Go) phone from Argos for £100 which will have security to at least Feb 2027. A Samsung A15 5G will have 5 years of security updates albeit it's a year old already

So not a new phone every year, but a new £100 phone every 16 months?

Versus a credit card-sized device the bank gives you for free?

if you  buy a current   up-to-date  device you will have 6  years of  updates  in the vast majority of cases , if you choose to  buy a phone which as a model is already a number of years old, you  run the associated risk of shorter  support  horizons 

GeoffTF

EnPointe said:

Section62 said:

Nasqueron said:

clairec666 said:

GeoffTF said:

Nasqueron said:

Banks typically stop access when the system OS is no longer supported by the manufacturer, typically 5-6 years with Apple and better Android devices, one phone every 5-6 years is normal, it happens with all devices as a phone that old isn't secure and is a risk to use

I do not know of any bank that does that. Anyway, security updates just reduce the risk, they do not eliminate it.

No banking apps would install on my last phone, because it was running an old version of Android.

Using a phone over 6 years old is a security risk because the software isn't having security patches, hence banks don't want to risk their software being compromised and yuou losing money, it's akin to leaving all your doors and windows open at home. You can get an Android 14 (full, not Go) phone from Argos for £100 which will have security to at least Feb 2027. A Samsung A15 5G will have 5 years of security updates albeit it's a year old already

So not a new phone every year, but a new £100 phone every 16 months?

Versus a credit card-sized device the bank gives you for free?

if you  buy a current   up-to-date  device you will have 6  years of  updates  in the vast majority of cases , if you choose to  buy a phone which as a model is already a number of years old, you  run the associated risk of shorter  support  horizons 

2 years of security updates is still common, and some manufacturers do not promise anything:

https://www.androidauthority.com/phone-update-policies-1658633/

Samsung seems to have the longest period of security updates for reasonably priced phones. None of the manufacturers' promises are completely watertight though.

clairec666

EnPointe said:

clairec666 said:

Nasqueron said:

clairec666 said:

Nasqueron said:

clairec666 said:

Rich2808 said:

While they are keen to promote the use of the mobile app HSBC haven't phased out physical keys yet in the UK - and you can still use them and order new ones in branches etc?

Did I miss them announcing an end date?

One option of course is to have a second phone which you leave at home for banking apps - so you aren't carrying it around with you.

I resent HSBC's approach and I think everyone should be given choice as to how they access their account.

Is there any reason they can't do a "secure code by text message" like some other banks do?

To be blunt - this is how private businesses work, they don't cater to individual whims but what is profitable for them, quite rightly private firms should not be forced to keep using card readers where there are better ways

SMS is even less secure so is rightly being stopped

I've nothing against newer app-only banks, they have built their businesses on a younger tech-savvy clientele and aren't ever going to provide branches, or often even phone lines too. But I think high-street providers should still be catering for their existing customers rather than coercing them into using technology they might not be comfortable with.

For the record, I'm not an "older" customer, but I don't want to use an app for everything.

Nothing about the age, First Direct have been around online for decades, plenty of older people work without branches though all of them have phone lines to some extent e.g. for fraud reporting. You're welcome to your opinion but it's simply how businesses operate that they should be allowed to move to other systems that the vast majority use

HSBC are free to go app-only if that's how they want to run their business. What is annoying me is that they offer "online banking" but are not-so-subtly trying to lead people towards their app instead. If they don't want to offer access via a web browser, they should just do away with it altogether and be upfront about it. In which case, I'll make my decision as to whether to install the app or ditch HSBC and go elsewhere.

again  utterly incorrect 

May I ask, which specific part of what I said is "utterly incorrect"?

dekaspace1

GeoffTF said:

dekaspace1 said:

This is annoying for me as my main phone doesn't work with many apps as it's rooted, and my backup phone is too old to work security apps.

Some other banks let me login without an app but to see/download statements I have to use the app which is a nightmare.

I am sure this has been said previously, but you should not have problem. You do not need a phone at all with Nationwide. A dumb phone is sufficient with Santander. With Nationwide, you can use a card reader. With Santander, you do not need use your phone (or any other security device) to login to your account, and see and download your statements. You can often make Faster Payments to frequently used own accounts without using your phone too.

Santander let's me view transactions and statements but not a full statement i.e name and addressed.

dekaspace1

Rob5342 said:

dekaspace1 said:

This is annoying for me as my main phone doesn't work with many apps as it's rooted, and my backup phone is too old to work security apps.

Some other banks let me login without an app but to see/download statements I have to use the app which is a nightmare.

Halifax doesn't need a mobile phone for seeing your statements, when you log on you can have an automated phone call that you type the on screen code into. 

I locked myself out of my Halifax account last year and it wouldn't let me back in without the app, also had a problem activating a credit card, couldn't do it online, or by phone had to be by app, luckily in the end my 2018 phone worked.

Virgin Bank for a while required the app but now lets you get a text if need be luckily as that is my main.

EnPointe

clairec666 said:

EnPointe said:

clairec666 said:

Nasqueron said:

clairec666 said:

Nasqueron said:

clairec666 said:

Rich2808 said:

While they are keen to promote the use of the mobile app HSBC haven't phased out physical keys yet in the UK - and you can still use them and order new ones in branches etc?

Did I miss them announcing an end date?

One option of course is to have a second phone which you leave at home for banking apps - so you aren't carrying it around with you.

I resent HSBC's approach and I think everyone should be given choice as to how they access their account.

Is there any reason they can't do a "secure code by text message" like some other banks do?

To be blunt - this is how private businesses work, they don't cater to individual whims but what is profitable for them, quite rightly private firms should not be forced to keep using card readers where there are better ways

SMS is even less secure so is rightly being stopped

I've nothing against newer app-only banks, they have built their businesses on a younger tech-savvy clientele and aren't ever going to provide branches, or often even phone lines too. But I think high-street providers should still be catering for their existing customers rather than coercing them into using technology they might not be comfortable with.

For the record, I'm not an "older" customer, but I don't want to use an app for everything.

Nothing about the age, First Direct have been around online for decades, plenty of older people work without branches though all of them have phone lines to some extent e.g. for fraud reporting. You're welcome to your opinion but it's simply how businesses operate that they should be allowed to move to other systems that the vast majority use

HSBC are free to go app-only if that's how they want to run their business. What is annoying me is that they offer "online banking" but are not-so-subtly trying to lead people towards their app instead. If they don't want to offer access via a web browser, they should just do away with it altogether and be upfront about it. In which case, I'll make my decision as to whether to install the app or ditch HSBC and go elsewhere.

again  utterly incorrect 

May I ask, which specific part of what I said is "utterly incorrect"?

HSBC on line banking  does not  require the app  ,especially as it appears physical  code generation units are still avaialble 

even if you use ther app for code generation you do not have to use the app  as it  generates  codes for the web  portal 

gt94sss2

GeoffTF said:

EnPointe said:

Section62 said:

Nasqueron said:

clairec666 said:

GeoffTF said:

Nasqueron said:

Banks typically stop access when the system OS is no longer supported by the manufacturer, typically 5-6 years with Apple and better Android devices, one phone every 5-6 years is normal, it happens with all devices as a phone that old isn't secure and is a risk to use

I do not know of any bank that does that. Anyway, security updates just reduce the risk, they do not eliminate it.

No banking apps would install on my last phone, because it was running an old version of Android.

Using a phone over 6 years old is a security risk because the software isn't having security patches, hence banks don't want to risk their software being compromised and yuou losing money, it's akin to leaving all your doors and windows open at home. You can get an Android 14 (full, not Go) phone from Argos for £100 which will have security to at least Feb 2027. A Samsung A15 5G will have 5 years of security updates albeit it's a year old already

So not a new phone every year, but a new £100 phone every 16 months?

Versus a credit card-sized device the bank gives you for free?

if you  buy a current   up-to-date  device you will have 6  years of  updates  in the vast majority of cases , if you choose to  buy a phone which as a model is already a number of years old, you  run the associated risk of shorter  support  horizons 

2 years of security updates is still common, and some manufacturers do not promise anything:

https://www.androidauthority.com/phone-update-policies-1658633/

Samsung seems to have the longest period of security updates for reasonably priced phones. None of the manufacturers' promises are completely watertight though.

Since the 29th April 2024, all new devices sold in the UK must have a PSTI Statement of Compliance. This is a document that confirms the  product meets the security requirements of the Product Security and Telecommunications Infrastructure (PSTI) Act 2022.

It is a legal requirement for manufacturers, importers, and distributors placing such products on the UK market to ensure the SoC accompanies the product and includes specific information like the product's minimum security support period and vulnerability disclosure policy.