Starling Bank Security

This is a fairly common story on here.

OP goes out drinking in what is eventually revealed to be a strip-club or similar establishment, is "drugged" (maybe for real, maybe just excessively drunk) and the establishment take him for every penny they can (chip-and-PIN purchases).

As the PIN was used the bank are not keen to chargeback the transactions, as it simply looks like morning-after remorse.

Clearly not the bank's fault whatever the situation was.

The only way forward is a formal complaint to the bank setting out what happened with as much evidence as is available (e.g. the crime number from the Polish police), within the 120 day chargeback time limit. Escalate to the ombudsman if necessary.

Anthorn wrote: »

There is another way to defraud on a Starling account and that's to steal a mobile phone which is not secured which has a Starling app with a weak password. In my view this could be the one reason why Starling should refuse compensation. That could be the reason why instant notifications from the Starling app were not received. The other reason could be mobile payments such as Apple Pay or Google Pay with the Starling card linked on a similarly insecure mobile phone.

Everyone should be aware that mobile banking apps and mobile payments apps are only as secure as your phone!

Possibly. Though every banking app I've installed has, I think, a pre-condition of installation that the phone is secured via PIN etc. I haven't tried every banking app but I assume this would be a default condition for all. Plus of course the App's own security.

What I don't know, not having tried it, is whether a banking app disables itself if you turn off phone security. Again I assume it should. And phone security can only, normally, be turned off by confirming, er, phone security - so a thief couldn't do it.

If all these assumptions are correct a thief would not be able to use banking on a stolen phone unless they knew the phone's security. If the phone was unsecured the banking app wouldn't work. Unless the banking app was so simple it didn't notice here was no security set any more.

Unless... they kept a stolen but secured phone from sleeping by constantly using the screen.

But I may be wrong about banking apps and requirements for phone security.

18cc wrote: »

All banking apps are secured by a PIN, or password, or similar. So if a phone is stolen then in a way it doesn't matter if the phone is unsecured because they still won't be able to get into the app.

What they WILL be able to do though is take out the SIM and put it in another phone unless the SIM card is secured. Everyone's first priority should be to put a lock on their SIM so it can't be used if lost/stolen. This is particularly true if your bank uses text messages or phone verification to verify transactions.

That said, no one can break into your Starling app unless they know the PIN.

Except that some people have their password as "password" and their PIN as "123456". No matter how many times the folly of this is highlighted they still do it. Either that or they have the same password and/or PIN for everything so anyone who gets the password and/or PIN gets access to everything.