Safe as the bank of England
Information security is important to banks. That is why they go to some lengths to ask you to remember 5 security questions, a 12 digit customer number, a p455Würd! containing at least 8 characters which must include one capital letter, two numeric characters, punctuation and at least one Swedish vowel. In addition they will suspend your internet login if you type any element wrong more than once, etc.
I value this rigour. It is all too easy to give criminals open access to confidential data and financial details if you are not careful. We are also advised to shred any letters containing personal or financial information before throwing them in the bin.
Which is why I was quite surprised to receive three letters all at once from my new bank today.
The first letter contained my new debit card. This gives me access to my money via an ATM. All I have to do is to put the card in the machine (I must have the physical card – this is the first factor in a two-factor authentication system. The second factor is a virtual thing, the Personal Identification Number (PIN), which must be known only to me and which I must not write down because the bank would not refund me if there was a fraudulent withdrawal).
The second letter contained my new PIN. It was written down.
The third letter contained my new internet banking access credentials, which work in conjunction with the account details on the card in the first letter to give access to my account. This would allow me (or anyone else who knew the secret numbers in the letter) to change my account address and make payments to other accounts. It would also allow me (or anyone else etc.) to apply for a credit card, or several credit cards, using my account.
The bank in questions says: “Your safety is our priority. We do all we can to provide the very best security for your Internet Banking service.”
I wonder if they will pay me to suggest a simple, low cost way to improve their security for the benefit of all their customers?
Filed under: Uncategorized | Leave a Comment
No Responses Yet to “Safe as the bank of England”