HSBC voice recognition insecure?
Options
mgdavid
Posts: 6,705 Forumite
The questions that get the best answers are the questions that give most detail....
0
Comments
-
http://www.moneysavingexpert.com/news/banking/2016/10/first-direct-customers-locked-out-of-their-bank-accounts-after-voice-id-system-fails-to-recognise-them
HSBC asked me on Wednesday 17th May, if I wanted voice recognition, and I gave them a categorical NO.
It's just not secure enough.
It's probably fine for read only mode, where you want to check money has turned up.0 -
Yes I agree with the above there is inherent insecurity in any method of signing in - in the BBC case they used a person's brother but realistically what are the chances of someone being able to use their voice to sign in to your account? in any case you can't really do much once you've got in you can't even make a payment as I understand it
You might just want to check what the banks terms conditions are in terms of reimbursing you should anyone managed to bypass voice security0 -
Effectively, Contactless payment has NO security, because the sums are trivial.
I can allow voice recognition on accounts with small amounts.
For accounts with real money in, never.
In fact, I would really like a Harry Potter Gringotts bank, where you must turn up in person to get your money.0 -
I suppose it depends on your outlook on life. I walk my dog in the woods every morning, along with hundreds of others. Someone mentioned that a dog had been bitten by an adder. Some people immediately stopped letting their dogs roam lose and kept them on a lead. I weighed up the chances and let mine carry on as normal.
There will always be people who are so risk averse that it stifles their life.I came into this world with nothing and I've got most of it left.0 -
Everytime i phone them.... they always hassle me NO MEANS NO
Not secure AT ALL.• HSBC (Main A/C)
• Halifax Back up A/C
• Lloyds (Spending) A/C
• RBS Back up A/C
• Barclays Old A/C
• Nationwide Old A/C0 -
Yes I agree with the above there is inherent insecurity in any method of signing in - in the BBC case they used a person's brother but realistically what are the chances of someone being able to use their voice to sign in to your account? in any case you can't really do much once you've got in you can't even make a payment as I understand it
You might just want to check what the banks terms conditions are in terms of reimbursing you should anyone managed to bypass voice security
There is nothing to stop the determined thief.
My house was totally locked down, and he just needed a crowbar to get through the window.
The hackers get through via the weakest link.
They are getting away with the proceed of house sales by intercepting e-mails, and telling the solicitor to send the money to a different account.
If they get through to see your account profile, by voice recognition, they will get your e-mail address, as well as most of your personal information. Phishing e-mails to your e-mail account follows, and if you click on it, good night Vienna.0 -
If they get through to see your account profile, by voice recognition, they will get your e-mail address, as well as most of your personal information. Phishing e-mails to your e-mail account follows, and if you click on it, good night Vienna.
And some banks still invite you to provide your mother's maiden name as a security question which, for many people, is as secure as clicking on freebmd dot org dot uk. Try it and see how long it would take someone who knows your name and year (not even exact date) of birth to find your MMN.
Ford Money should kindly take note :mad::mad::mad::mad:"In the future, everyone will be rich for 15 minutes"0 -
You don't have to give your mother's real maiden name of course you can make one up and just use it - as you say freebmd will tell you exactly what your real mother's maiden name is although to be fair if you have a common name then there will be a lot of hits to choose from if you have an unusual name then often it will be the only hit.0
-
And some banks still invite you to provide your mother's maiden name as a security question which, for many people, is as secure as clicking on freebmd dot org dot uk. Try it and see how long it would take someone who knows your name and year (not even exact date) of birth to find your MMN.
Ford Money should kindly take note :mad::mad::mad::mad:
very hit and miss.
Firstly it requires the subject to be born in this country.
Second, it would appear to be a good reason for women to adopt husband's surname upon marriage, as without their maiden name they are untraceable.
Also anyone born or married since 1984 is safe as the records aren't there yet.
Then you need the middle name(s) and/or initials to reduce the number of hits.
And finally if there are multiple hits (as there will be for common names) you need to have knowledge of the approximate place of birth,
probably a 1 in 4 chance of locating it this way, at best.The questions that get the best answers are the questions that give most detail....0 -
very hit and miss.
Firstly it requires the subject to be born in this country.
Second, it would appear to be a good reason for women to adopt husband's surname upon marriage, as without their maiden name they are untraceable.
Also anyone born or married since 1984 is safe as the records aren't there yet.
Then you need the middle name(s) and/or initials to reduce the number of hits.
And finally if there are multiple hits (as there will be for common names) you need to have knowledge of the approximate place of birth,
probably a 1 in 4 chance of locating it this way, at best.
I wouldn't disagree with most of what you say, but I was talking about many people, not everybody.
I also wouldn't use the word 'safe'. FreeBMD has the records going up to 1983, but commercial sites have later records which are easily accessible, often for free. These records cover the period for most people appearing on the GRO registers who will be old enough to have a bank account with likely amounts of money in them big enough to be attractive to fraudsters.
The marriage trick won't work either if the marriage appears on the GRO register then it is a relatively trivial exercise, in many cases, to find the marriage and work out the maiden name. Usually.
The marriage itself may provide the source of middlenames and/or initials.
If someone knows enough about you to identify your first and last names, year of birth, and who you bank with, then middlenames, quarter of birth, and even approximate location of birth may well be known already, or not that difficult to work out - especially for people who pass the time of day posting their life history on FB.
Only by having a very common surname and firstname, with no middlename, can you be relatively confident the GRO indexes will not help a fraudster identify your MMN.
True, you don't have to give your real MMN when registering with a bank, but how many people are aware of the risk, and how many people would feel uncomfortable about lying about a 'fact' the bank are asking them to provide as part of a financial application? It would be far better for the banks to restrict themselves to asking for a 'memorable name' rather than specifically MMN.
These news headlines are about the scenario in which someone who has a twin was able to partially fool a system. The number of people who can do that is miniscule in comparison to the number of people who have an easily identifiable MMN - and that was really my point, the banks ask for MMN yet we rarely see the same kind of loud headlines pointing out how insecure that piece of information might be."In the future, everyone will be rich for 15 minutes"0
This discussion has been closed.
Categories
- All Categories
- 343.2K Banking & Borrowing
- 250.1K Reduce Debt & Boost Income
- 449.7K Spending & Discounts
- 235.3K Work, Benefits & Business
- 608.1K Mortgages, Homes & Bills
- 173.1K Life & Family
- 247.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 15.9K Discuss & Feedback
- 15.1K Coronavirus Support Boards