Safe as the bank of England

24Oct11

Information security is important to banks. That is why they go to some lengths to ask you to remember 5 security questions, a 12 digit customer number, a p455Würd! containing at least 8 characters which must include one capital letter, two numeric characters, punctuation and at least one Swedish vowel. In addition they will suspend your internet login if you type any element wrong more than once, etc.

I value this rigour. It is all too easy to give criminals open access to confidential data and financial details if you are not careful. We are also advised to shred any letters containing personal or financial information before throwing them in the bin.

Which is why I was quite surprised to receive three letters all at once from my new bank today.

The first letter contained my new debit card. This gives me access to my money via an ATM. All I have to do is to put the card in the machine (I must have the physical card – this is the first factor in a two-factor authentication system. The second factor is a virtual thing, the Personal Identification Number (PIN), which must be known only to me and which I must not write down because the bank would not refund me if there was a fraudulent withdrawal).

The second letter contained my new PIN. It was written down.

The third letter contained my new internet banking access credentials, which work in conjunction with the account details on the card in the first letter to give access to my account. This would allow me (or anyone else who knew the secret numbers in the letter) to change my account address and make payments to other accounts. It would also allow me (or anyone else etc.) to apply for a credit card, or several credit cards, using my account.

The bank in questions says: “Your safety is our priority. We do all we can to provide the very best security for your Internet Banking service.”

I wonder if they will pay me to suggest a simple, low cost way to improve their security for the benefit of all their customers?

Advertisements


No Responses Yet to “Safe as the bank of England”

  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: