Security of my Credit Union

BlackWizard

I'm slightly concerned about the security of my credit union.

I was able to ring them over the phone and confirm who I was by just supplying them with basic information like my contact number, house address and something else very basic.

During the call I realised that everything they asked me for was pretty much on Facebook or other sites.

With this information someone could check my balance and do anything they liked over the phone. With a fake ID I guess they could also take money out.

coylemj

BlackWizard wrote: »

During the call I realised that everything they asked me for was pretty much on Facebook or other sites.

You can't have it both ways - you rang them to get a service and now you're complaining because they didn't tell you to get up off your lazy arse and go into the office!

If there's so much of your personal data on Facebook and other websites, that's something you need to sort out, there's nothing they can do about it. For starters you need to make sure that your year of birth is not visible on your FB profile because that and your birthday gives someone your full date of birth which means they're halfway down the road to identity theft.

BlackWizard

Really you don't think it's a bit too easy? Should they not think about using a type of secret to authenticate me?

Toots

You could ask them to put a flag on your account and specify a secret question that you have to answer. I know my credit union has this option, not sure about all of them though.

Also an option that would make most sense is don't put so much personal info out there for people to see on the internet. No need to have full DOB on facebook, and wherever you've got your home address displayed, delete that.

BlackWizard

I think DOB is very easy to guess once you have the day and month which we all have access to either from Facebook or just through knowing someone.

I'll wait for the CU to get back to me. They said they would give me a call back to see if there is something they can do.

I remember using phone banking years ago and I had to use a pin. I'm just surprised that years later we are going backwards with security. Or maybe my Credit Union is just really outdated.

Spocker

A lot of credit unions are small, local organisations, that don't have the monies available to invest in sophisticated security systems, so I think 'outdated' is perhaps the wrong word there

coylemj

Spocker wrote: »

A lot of credit unions are small, local organisations, that don't have the monies available to invest in sophisticated security systems, so I think 'outdated' is perhaps the wrong word there

+1 Before you get through to a call agent in BoI you're asked to enter three of the six digits in your PIN on your phone keypad, that means that you've passed the security test before you get to speak to a human, the CUs as said above can't afford that type of system because they're all separate.

Several years ago they (Irish League of Credit Unions) did manage to blow over €100m in an attempt to develop a system which would allow them to take on the major banks but it sank down a black hole of incompetence.

amdublin

They'd be standard enough security questions to be asked.

sassyj

BlackWizard wrote: »

I think DOB is very easy to guess once you have the day and month which we all have access to either from Facebook or just through knowing someone.

I'll wait for the CU to get back to me. They said they would give me a call back to see if there is something they can do.

I remember using phone banking years ago and I had to use a pin. I'm just surprised that years later we are going backwards with security. Or maybe my Credit Union is just really outdated.

I wouldn't have your dob viewable.in FB, I've mine hidden, people put far too much info out there. Of course, that would mean missing out on all those meaningful birthday wishes (not directed at you OP I'm going off on a tangent!)