New Bank Security Measures For Online Shopping

Bambino · ‎01-12-2018

You better have a good mobile signal, according to this article.

https://www.bbc.com/news/business-46399707

I DO NOT WORK FOR O2

Cleoriff · ‎01-12-2018

I rarely shop online via my phone, it's usually on my PC.

However, I wonder if this will apply to all banks?

I have a couple of place I shop regularly and my card(s) are stored with them.

So when I press buy, I am directed to the card(s) I want to use. Once selected, my transaction goes through with no further checks.

If I make a large purchase or buy a gift card (whatever the value), I am simply required to input my card details again.

Veritas Numquam Perit

Bambino · ‎01-12-2018

@Cleoriff If I understood the article correctly, it's an EU directive (you are still in the EU:smileywink:) that has already been adopted by the UK, and it will apply to all banks. It looks like they are introducing two-step verification for online transactions, but there are also certain exceptions, if I'm reading it right. I guess you'll find out if it applies to you when it comes into effect.

I DO NOT WORK FOR O2

sheepdog · ‎01-12-2018

Looks like you will need be extra careful with your mobile phone if they're sending one time codes. They say its to combat fraud but isn't it yet another way for the banks to pass the blame back to their customers? Oh your phone got stolen? It wasn't reported quick enough so pay up because the OTP was authorised by you...

Of course you'll be getting stories of unauthorised payments being made by either being drunk or it was the kids that did it.

Bambino · ‎01-12-2018

Those are certainly possible scenarios @sheepdog, but I think two-step verification is a good thing, and will prevent a huge amount of fraud. If your credit/debit card is kept separately from your phone it will, in an ideal world, be impossible to make a purchase should you lose one or the other or have them stolen. No security is foolproof, but this is a good step forward.

I DO NOT WORK FOR O2

Anonymous · ‎01-12-2018

As far as I understand it, in the UK at least (things may of course be different across your side of the pond @Bambino) SMS has always been a 'best endeavours' service with SMS being at the bottom of the priority list when a network is heavily loaded which is why you'd sometimes get text messages from friends wishing you Happy New Year at 4 or 5 a.m. on Jan 1st when people used to do it that way not so long ago.

So you could be waiting for a bit for the message this time of year if enough of them are being sent out.

Bambino · ‎01-12-2018

I have two sites that use two-step verification with SMS here @Anonymous, and have never experienced any delay. Mind you, I'm not logging in on NYE so I couldn't say for certain that there would be a lag. You'd hope that an SMS from a UK bank when making a purchase would go through quickly, but as you say, it would depend on the time of day and amount of traffic during any particular season. Still, it's the best they've got at the moment, and hopefully things will improve when 5G eventually rolls in.

I DO NOT WORK FOR O2

TallTrees · ‎01-12-2018

@Bambino wrote:
Those are certainly possible scenarios @sheepdog, but I think two-step verification is a good thing, and will prevent a huge amount of fraud. If your credit/debit card is kept separately from your phone it will, in an ideal world, be impossible to make a purchase should you lose one or the other or have them stolen. No security is foolproof, but this is a good step forward.

Well we are always wanting more security ~ and it is good even if it is a bit difficult at first.

No complaints from me.

HAPPINESS IS BEE SHAPED

Anonymous · ‎01-12-2018

@Bambino wrote:
I have two sites that use two-step verification with SMS here @Anonymous, and have never experienced any delay. Mind you, I'm not logging in on NYE so I couldn't say for certain that there would be a lag. You'd hope that an SMS from a UK bank when making a purchase would go through quickly, but as you say, it would depend on the time of day and amount of traffic during any particular season. Still, it's the best they've got at the moment, and hopefully things will improve when 5G eventually rolls in.

@Bambino

I made the mistake a couple of times of leaving my phone on after I'd gone to sleep on NYE (I tend to watch the Big Ben chimes at midnight and leave it at that) and I had quite a loud SMS alert so I definitely heard it!

It'll be interesting to see what happens, as you say at the moment it's the best we've got as I don't think UK banks want to end up with a Microsoft style 2FA outage https://www.theregister.co.uk/2018/11/19/azure_down/ particularly as they've had plenty of outages of late which the Government aren't that happy about https://www.telegraph.co.uk/business/2018/09/21/natwest-suffers-online-mobile-banking-outage/

sheepdog · ‎01-12-2018

Well one bank is already implementing it beginning with S ending in antander. Just went to pay a bill online and had to be sent a text message to confirm. Except my phone was in the other room so had to find that to enter the code before the expiry time!