Online banking – do we want safety over convenience?

HSBC providing lots of security in e-banking providing digital signature in e-checks. N lots of protocols to send important data via network in different different layers…

HSBC has produced an advertisement featuring a puzzle box which completely frustrates its owner and denies access to the savings. Bit like their security system really.

Really good security should require something you have, something you know and something you are. Unless every device used to access systems has finger print or iris readers we cannot do the last of these. However we should not stint on the first two. Just requiring passwords and other data to be typed in does not give adequate security. You must add something like a card reader to read your banking debit card to give anything like satisfactory security. It annoys me intensely that the banks have yet to get together and agree on a common standard for such devices.

I am amazed that Nationwide tops the poll. I have moved my personal banking to First Direct and my business banking to HSBC.
The problem with Nationwide is that often you have to use the card reader to confirm every transaction which was driving me to distraction. It got to the point where we’d had enough and despite many emails and complaints to Nationwide they weren’t interested in listening.
In our opinion the security at First Direct is good and at HSBC is excellent.
If Nationwide top the poll for security then Which have got it very wrong.

Received a new card in connection with my Tesco savings account, had to phone them to get it activated, which is fair enough. They launched into a long explanation of their new security system which requires a new PIN and password. But I kept getting passed around and had to identify myself four times. I think this is ludicrous, I’ve always been a fan of Tesco but now I’m considering closing my account. I mean, twenty minutes on the phone, I really have better things to do.

Lets remember that most of us use banks to hold OUR cash. The modern system of financial transactions makes it almost imperative that we have a bank account, but the Banks are making money by USING OUR cash. They have a duty to secure it but passing that responsibility back to us is simply a way of minimizing their liability in looking after OUR cash securely.
When I want to use Internet banking I have to go through a secure log on procedure just to open my computer. There is a second lair of security when I access the bank’s website. Then I have to provide them with three or four separate items if secure data. At this point I think I have been sufficiently responsible in helping them to protect MY cash and I’d like to be able to access my information without the added foolishness of having to secure each transaction with a card reader. It becomes Kafka-esk when they require the card reader just to get into their website – making mobile Internet banking too cumbersome for words.

I find the enhanced First Direct security process a complete pain. It is two stage, but the problem is, like many people i have other accounts and this one requires two separate passwords and it won’t accept the ones i normally use. With other 80 passwords to manage, i find almost all other Online Banking services easier and so after 25 years with First Direct i shall leave them. I think they have been taken over by process orientated computer programmers, as opposed to being customer orientated

I use internet banking frequently, including making online payments. I’m always very careful about checking bank account and sort code details before committing a payment, but I consider it very risky, as there is no check on the validity or accuracy of your entry. The name of the account entered is not used and if 2 digits are reversed and the result is an valid account then you may have a struggle to get your money back. I seem to recall many years ago entering bank details into a computer system with a check digit. This used a simple algorithm to perform a specific calculation on individual digits from the account number entered to produce a single digit result This result was then compared on entry with the check digit – usually the last digit of the account number. It was a simple way of catching mis-keying and it worked. Why isn’t it used now in internet banking?