/ Money, Technology

O2 Wallet – how many passwords do I need to remember?

Mobile payments – it sounds like a great idea. But when you have to create four new passwords to get past the security, is it any wonder I made a muppet of myself in the Which? Money podcast?

‘Come and test out the O2 Wallet in the podcast,’ he said. ‘It’ll be easy and fun,’ he said. ‘He’ is deputy Money editor Gareth Shaw, who made it sound like a simple affair. If only.

O2 Wallet is another one of those mobile payment apps, like Barclays Pingit, that lets you text money to your mates. It promises to be a handy little service, which should be faster than tugging a fiver out of your pocket and handing it over to them. But there are hurdles to jump over…

As easy as 1, 5, 8, 9, 7…

Installing the app was a cinch, but after picking a four-digit passcode came the registration process. You don’t have to be an O2 customer to use the app, but you do need an O2 account created through O2’s website. Since this is a bit fiddly to do on my phone, I turned on my laptop, typed in my details and picked a password.

I then had to set up an O2 Wallet account with its own password. The passwords didn’t stop there, with a ‘Pay Password’ to approve payments. That’s a passcode, O2 password, Wallet password and Pay password. Creating them all put my head in a muddle (to say the least).

The process got even more convoluted – you have to add your bank account and your card. These processes came with their own ‘verification’, ‘activation’ and ‘security’ codes (I’m not joking) to confirm everything’s fine and dandy. As you can imagine, these codes pushed an already confused Paddy into an even more confused one.

Finally, O2 popped two small payments into my bank account (eg. 4p and 7p). A few days later (they take up to five working days) I typed in them in and the app was raring to go. Phew.

‘We’ve had to block your O2 Money Account’

And so there I was, sitting in my podcast chair, ready to text a fiver to Gareth ‘live’ on air.

‘Please enter the 2nd, 6th and 8th characters of your Pay password’. Tap, tap, tap… ‘the Pay Password you entered isn’t right. Please check and have another go’. Tap… tap… tap… ‘have another go…’ ‘OK, so it must be this password,’ I mused. Here goes… tap, tap, slip!

I had hit the wrong character. There’s no option to clear characters as the app automatically accepts the first three digits. Then came the dreaded text – ‘we’ve had to block your O2 Money Account’. Fail. You can listen to this excruciating moment in this week’s Money podcast. And though there’s much of my own stupidity sprinkled on this tale, I don’t think I can be expected to remember four new passwords, let alone which one’s which.

As soon as the podcast ended, my head hanging in shame, I rang up O2’s admittedly helpful and cheerful customer services. She talked me through resetting my password(s) (even this involved using my computer and my phone) and helped me send a payment. A fiver arrived in Gareth’s ‘wallet’ successfully, and was kindly sent back within minutes.

There’s another sting in this tale – if you’re not with O2 you’re given an 0844 number to call customer services. My call took about 20 minutes, which costs £1.15 from a BT landline, £2.46 from an Orange pay-monthly mobile and a whopping £8 from a PAYG Orange mobile.

Thankfully I called from my landline, but it cost me a fifth of that £5 to take part in Gareth’s experiment. Still, O2’s Wallet could be a boon for mobile payments, as Gareth explains:

‘O2 has a bit of work to do to get its virtual wallet right but, teething problems aside, I think it’s a great innovation. You can shop, get special offers, and scan barcodes to find the cheapest prices online. I really think this is the future.’

I’m sorry O2. I didn’t mean to forget my password in the podcast, but as much as security is incredibly important, you didn’t exactly make it easy for me.

Comments
Member

Never min the embarrassment. You have made 11 pence, courtesy of O2, Patrick.

I think I will carry on using my credit card, debit card and cash. That’s just two PINs to remember and I learned them a lot of years ago.

New technology is fascinating but when money and security is involved, I would prefer to remain in the dark ages until any problems are resolved.

Member
James says:
28 August 2012

Hi Patrick, I’m James, and I head up the team who have worked on O2 Wallet over the past few months. Thanks for testing it out on your podcast and I’m sorry you weren’t able to send the Money Message to your colleague. I’m pleased to hear our customer services team sorted the issue afterwards. I thought it would be useful to give you a bit of insight in to what we’re doing with O2 Wallet – we know security is really important when it comes to mobile payments however we also value customer feedback, which is why we’re currently simplifying the sign up / password process. Mobile payment and m-commerce services are very much in their infancy in the UK and this is the first step into a very dynamic market. In time, we’ll add lots more functionality to O2 Wallet, plus NFC capability so you can use it to make ‘on tap’ payments in the future. We’re also working with our other business units to strengthen the customer experience – just imagine how powerful it will be for a customer to receive a ‘digital’ coupon with a special offer and pay for their purchase with O2 Wallet at the same time as using their coupon. That’s when things will get really exciting!

Member

Thanks James, hopefully you can make the log-in system simpler. Even though you may not need to remember all of the passwords to use the app, going through a system that requires you create them can mess with your head a little. Thanks again.

Member

@Patrick, I empathise. I have a solution for all your passwords (except the first two). Its a bit cumbersome on a mobile but its secure and it works.
1. Create two good secure passwords and commit one to memory.
2. Open a dropbox account (google and others offer a similar service). This gives you free storage on the net for the 1st 2 Gb. Your dropbox storage can be accessed from almost any platform as long as you have access to the internet. Secure access to the dropbox account with one password. Not the password you committed to memory because your PC will store it in the dropbox app but you should write it down and store it in a safe place.
3. Download the free KeePass app for your PC or Mac. This is a secure password management app which you can use it to store and manage all your passwords. It also has a useful password generator. Use KeePass to create a password database on your dropbox storage. Secure this database with the secure password that you have committed to memory.
You can now store all your passwords on your KeePass database without the need to memorise them. KeePass used AES and Twofish to encrypt the password database so it is secure.
4. Download the the dropbox and KeePass apps for you mobile device (they are both free apps). Setup drobox to access the same account you created from your PC and you now have access to your internet storage. Use KeePass to login and access your password database on dropbox. Note, KeePass is read only from a mobile device so you can only use it to read your passwords. Password creation or management must be done from your PC but this is a minor inconvenience.

Member

Thanks very much. I was trying to work out how I could possibly do this. I know I could put my passwords into a secure system on my computer, but that’s not too handy when you want to use a ‘mobile’ payments system. Using Dropbox could be a nice way to have access to all your passwords on your phone, and securely!

Still, I’m pretty good at remembering passwords, with my own systems. This was more a case of remembering which was which!

Member

OMG I can’t cope with all these passwords! We’re not supposed to write them down; some bank accounts want both alpha-numeric passwords and some even forbid consecutive numbers or letters. Others demand passwords must be of a certain length plus you have to have a username AND a customer number. I’m worn out and simply avoid all of this as much as I can – I just cannot cope/remember it all and I absolutely cannot afford to be barred from my bank account just because I haven’t got a mind like a Bletchley Park cryptographer! I even had an instance recently whereby I had the bank’s letters in front of me and tried logging on only to be refused. It turns out that this was the bank’s fault but it did nothing to promote online banking to me.