Anytime Banking concept is starting to annoy me!

Random

The whole concept of "Anytime Banking" is starting to piss me off. To me, this ment I could access my account from anywhere easily.

Ulster Bank initially had an annoying Java security cert which I found myself copy/paste from PC to PC to maintain access on everything - hardly an ideal "anytime" solution as you can't access without the security cert which you technically had to have UB re-issue for each PC.

Then they got rid of this, brought out a PIN/Password system. I rejoiced. I loved them for it.

Now I have a chip&PIN card, card reader and a PIN number. I'm supposed to use this for certain things on their service.

For christs sake lads, can't it be more portable or conveinent than you're making it?

AIB ... they were always great ... then a code card. The bloody code card keeps wearing down in my pocket and is truly annoying .. although I'll take it over the card reader any day.

Then Rabo ... bloody nonsense ...

Am I the only one who feels like there's too much crap involved in anytime banking more and more?


*yes .. security .. yada yada yada .. but come on!

RaboDirect

Random,
Unfortunately relying on static passwords and PIN's is now an unreliable and vulnerable way of preventing unauthorised access to your online banking accounts. Customers of Irish banks have lost money to phishing attacks. They are very vulnerable to keystroke logging and phishing attacks. The Irish retail banks are now slowly starting to follow the lead of their European counterparts by replacing password/PIN's with token based technology. These are based on devices such as random card readers that Ulster Bank have recently rolled out and and the RaboDirect Digipass that we launched with it in 2005. The random reader is used by many banks in Europe and is likely to be adopted in the UK by the banks there.

It can become a pain alright if you have accounts with more than one bank and you have to carry around tokens to get access to your online accounts. In the Netherlands Rabobank uses the random reader but the good news is that Rabo's random reader can also be used with its competitors' chip & pin cards so the customer only really needs one reader.

We are looking at various forms of technology that reduce the burden on the customer but also, crucially, maintain or improve current security standards. For example, it is possible to use your mobile phone to access and authorise online banking transactions but the technology isn't robust enough yet. We are also looking at slimmer and lighter options for our Digipass, ie, one that could fit in your wallet.

Customers do tend to make a tradeoff between security and convenience and some people would prefer to rely on static passwords and PIN's. But if your account was emptied and your identity stolen because your bank only offered passwords and PIN's you'd probably wish your bank had offered tighter security.

All the best,
RaboDirect

BuffyBot

Am I the only one who feels like there's too much crap involved in anytime banking more and more?

Probably not, but it doesn't make it any less nessecary. Now, I'm pretty security concious having worked in both the banking and information security fields for a long time but I quite like having the extra layer of protection that these devices give. What RaboDirect has said it perfectly correct - a small inconvenience is better than a large loss of money and the security of your information in my eyes

regi

I'd actually prefer it if my main bank (BoI) gave me a token device, rather than using dodgy numbers and pins.

jd83

Yh id rather have to carry a token or a card reader than having my account emptied because someone got my pins. It sucks but at least your account is more secure.

stepbar

regi wrote: »

I'd actually prefer it if my main bank (BoI) gave me a token device, rather than using dodgy numbers and pins.

When BOI first brought out Banking 365 / Internet Banking (10+ odd years ago), they did use a token device. However, customers found it hard to use the device and so the technology was scrapped. I agree that the future is token devices and perhaps biometrics / fingerprint technology.

deRanged

regi wrote: »

I'd actually prefer it if my main bank (BoI) gave me a token device, rather than using dodgy numbers and pins.

me too. the extra security for a small extra cost in time is a great deal.

Random

deRanged wrote: »

me too. the extra security for a small extra cost in time is a great deal.

You see, it's not just an extra cost in time. I don't mind if it takes me 5 mins to login, my problem is that I won't be able to access Ulster bank now "anytime". I'll only be able to access it at home (as I won't be carrying that massive card reader arround with me).

Yes, still a useful service but now much more limited.

Wertz

I have no idea about UB, but I'm happy enough with rabo's digipass thing...I mean it's not as if it isn't portable. My only worry would be perhaps loosing it and having to wait to have it replaced (murphy's law dicates that this would happen at the most inconvenient time)
As for BoI's system, maybe I'm being a bit naive but I think it offers decent security without the need for baggage. I especially like how they've changed the PIN input system to drop down menus instead of entering numbers, on the off chance that someone is key logging. Only two secret questions (address/DOB) is a bit limited though...
All that said, I do 90% of my online banking from home PC...not sure if I'd be so confident accessing accounts from a public terminal or a machine in work (assuming I had a machine in work), but then since in those situations I can usually do it over the phone, either in person or using keypad, so it all evens out...

paulksnn

AIB have a card with a series of 100-200 4 digit numbers on it. They ask you for a specific number and if you get it right it lets you through. The card is basically the size of a credit card on relatively toughened paper. Fits in the wallet grand and easy.

Rabo have the digipass thing, which although small and secure is a pain in the ass to carry around. It's slightly smaller than a credit card and about as thick as a decent mans watch.

This new ulster bank thing is a pile of horse****. Security might be necessary, but now I have a seperate chip card just for internet banking(why it doesn't use my ATM or credit card I've no idea). I could live with that, another card in the wallet. But the reader is about twice the size of the rabo digipass.

I bank online from home and work, and I'll be arsed if I'm going to be dragging that UB card reader around with me. What were they thinking.

Thomas_S_Hunterson

paulksnn wrote: »

AIB have a card with a series of 100-200 4 digit numbers on it. They ask you for a specific number and if you get it right it lets you through. The card is basically the size of a credit card on relatively toughened paper.

Only problem with it is, as mentioned above, the numbers scrape off easily and you could end up in a bit of a fix if you pull it out of a wallet and the numbers are all smudged.

paulksnn

Sean_K wrote: »

Only problem with it is, as mentioned above, the numbers scrape off easily and you could end up in a bit of a fix if you pull it out of a wallet and the numbers are all smudged.

That has happened Sean, and it ended up I had to wait 3 days for them to post out the new one. I'll take occasional inconvenience over constant inconvenience any day.

Just got this in the mail this morning from Ulster bank....a bleeding card reader code generating thing. How much security are they going to add ffs?

I've got codes for them coming out of my ears and now they add another level security that I've got to hog about with me.

Anyone else very annoyed by this?

biko

P-TSB ftw. Just a few security codes you can remember somewhat easily.
I actually changed banks because of the i-net security being a bit too much, I do all my business over the internet bank so need to be able to access quickly and easily from my laptop.

Random

Deleted User wrote: »

Just got this in the mail this morning from Ulster bank....a bleeding card reader code generating thing. How much security are they going to add ffs?

I've got codes for them coming out of my ears and now they add another level security that I've got to hog about with me.

Anyone else very annoyed by this?

My rant was here from a while back.http://www.boards.ie/vbulletin/showthread.php?t=2055208713

Thanks for that link random...I'm firmly with you on this. Thank god I'm not alone and someone else out there agrees with me. PIN and password is enough in my opinion. I'm not stupid and aren't going to get caught by phishing or keylogging.

I sent an email complaining to the lady (judy Kelly) listed in the letter I got with the card reader. I made reference to the token thingy that BOI had 10 years ago but saw the light and got rid of.

Surprised to hear that you have a card reader so long Random...I thought it was a new thing.

Random can you clear one thing up for me? Do I use the card reader in conjunction with my ATM card? I tried and kept getting the message "REMOVE CARD" and nothing would happen

TJJP

It's a bit of a pain alright, but you don't need it much. Online rarely requires you to use it, unless its one of those times you haven't got it with you.........

Mostly its for large transfers and to add new payees it seems.

You do need the bank card to use with it.

I reckon its dangerous overall, how long will it take some computer wiz to crack one in order to get it to display card pin numbers.....

TJJP

TJJP wrote: »

You do need the bank card to use with it.

No matter what way I put it in I get "REMOVE CARD" spat back at me! Maybe it's not activated yet or something. I haven't been prompted to use it yet....just checking it out.

Santa Claus

I used to work for a company that specialised in Internet Banking systems and we got rid of cards and card readers as an option about 6 years ago because all the banks complained that their customers found them too awkward.

There was very little added security from the card reader, it was more just a visible security device to offer to banks when selling the products (private swiss banks were the only ones that took it I remember).

BuffyBot

Threads merged,

Random

You don't use your ATM card with it. They sent out a separate Card reader / online card and PIN.

It has nothing to do with your day to day Laser or ATM card. Another rant I had. More bloody cards.

TJJP

Deleted User wrote: »

No matter what way I put it in I get "REMOVE CARD" spat back at me! Maybe it's not activated yet or something.

Yeah, I had to activate mine on first log-in about six months ago, only had to use it twice since.

random wrote: »

You don't use your ATM card with it. They sent out a separate Card reader / online card and PIN. It has nothing to do with your day to day Laser or ATM card. Another rant I had. More bloody cards.

Eh? Not in my case, we are talking Ulster Bank here aren't we?

Maybe I'm special, but I get to use my usual everyday ATM card with the card reader-nuisance.

The Rooster

RaboDirect wrote: »

RaboDirect Digipass that we launched with it in 2005. The random reader is used by many banks in Europe and is likely to be adopted in the UK by the banks there.

It can become a pain alright if you have accounts with more than one bank and you have to carry around tokens to get access to your online accounts. In the Netherlands Rabobank uses the random reader but the good news is that Rabo's random reader can also be used with its competitors' chip & pin cards so the customer only really needs one reader.

All the best,
RaboDirect

The Digipass is a little awkward, but I don't really mind as I can access it at home. The Rabo "Money Mover" is brilliant. With most on-lin savings accounts its easy to move money out, the Money Mover makes it easy to move money in as well.

The big problem with Rabo is the mediocre 4.3% interest rate. What's up with that RaboDirect?? I had to move all my money out. Bring back the 5% (or better!) rate now!!

Random

Very strage. Unless they have 2 different versions of it.

TJJP

random wrote: »

Very strage. Unless they have 2 different versions of it.

Not beyond the realms of possibility. I did look it up on their website, but surprise surprise no mention of card nonsense at all.