Safe as the bank of England

24Oct11

Information security is important to banks. That is why they go to some lengths to ask you to remember 5 security questions, a 12 digit customer number, a p455Würd! containing at least 8 characters which must include one capital letter, two numeric characters, punctuation and at least one Swedish vowel. In addition they will suspend your internet login if you type any element wrong more than once, etc.

I value this rigour. It is all too easy to give criminals open access to confidential data and financial details if you are not careful. We are also advised to shred any letters containing personal or financial information before throwing them in the bin.

Which is why I was quite surprised to receive three letters all at once from my new bank today.

The first letter contained my new debit card. This gives me access to my money via an ATM. All I have to do is to put the card in the machine (I must have the physical card – this is the first factor in a two-factor authentication system. The second factor is a virtual thing, the Personal Identification Number (PIN), which must be known only to me and which I must not write down because the bank would not refund me if there was a fraudulent withdrawal).

The second letter contained my new PIN. It was written down.

The third letter contained my new internet banking access credentials, which work in conjunction with the account details on the card in the first letter to give access to my account. This would allow me (or anyone else who knew the secret numbers in the letter) to change my account address and make payments to other accounts. It would also allow me (or anyone else etc.) to apply for a credit card, or several credit cards, using my account.

The bank in questions says: “Your safety is our priority. We do all we can to provide the very best security for your Internet Banking service.”

I wonder if they will pay me to suggest a simple, low cost way to improve their security for the benefit of all their customers?

No Responses Yet to “Safe as the bank of England”

Feed for this Entry Trackback Address

Leave a Comment

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

You are commenting using your Google+ account. ( Log Out / Change )

Cancel

Connecting to %s

October 2011

M T W T F S S

« Sep Nov »

1 2

3 4 5 6 7 8 9

10 11 12 13 14 15 16

17 18 19 20 21 22 23

24 25 26 27 28 29 30

31
Blogroll
- Father of the bride
Recent Posts
Archives
- November 2013
- October 2013
- September 2013
- August 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009

M	T	W	T	F	S	S
« Sep				Nov »
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31