Banking on Security


In October 2007, I moved house. As part of my move, I went to see a mortgage advisor who scoured the marketplace and found us the best deal for an offset mortgage – working in the city, with seasonal bonuses, it’s nice to have this money offset against the mortgage and be free to over/underpay when I want. The deal that we chose was with Intelligent Finance.

Of course, to use an offset mortgage with a current and savings account, you want to be able to regularly use the online banking. The banking facilities are shockingly bad (the subject of another article, perhaps), so much so that I decided to keep my main current account with the highly recommended First Direct. This has suited me fine so far, but a week or so ago, I was running a little short in my current account and wanted to move some money back from IF.

IF have some nice functionality for ensuring security. I have a PIN, which is used if I call the helpdesk, and for setting up my online password, which I use to login regularly. If I call the helpdesk without the PIN, they can discuss features of my account after authenticating me via other challenge/response questions, but no changes transactions can be made. If I request a new PIN, both online and phone banking are blocked until I receive it in the post and use it.

On the website, when I attempt to set up a new payment destination, IF use a two-channel method to verify I am who I say I am – I receive an SMS to my registered mobile with a validation code that I have to enter… Great, except I don’t seem to be able to receive them!

In person

Meanwhile, a friend of mine lost their wallet last week. He was out, had a few drinks, and realised it had disappeared. After a series of drunken late-night calls to assorted banks, all his cards were safely cancelled and new issues requested, with only the inconvenience and £10 really lost.

He found an old cash-card for his bank at home, and took this to a cash machine without paying much attention to the card. The machine rejected his card – on looking at it, he discovered it had expired over a year ago! He promptly went into the branch and queued to chat to a friendly lady at the counter… Luckily it hasn’t become a trendy wine bar.

On recounting the story of how he’d lost his wallet, she took the card, opened up his account on her screen and exclaimed at the bountiful contents – he’s just been paid his bonus. She then asked, without any questions at all, how much cash he would like.


It just goes to show – banks can choose to use all the latest technological security methods to protect our details, whether it be 2FA or chip & pin, but if all it takes is a sob story and a long-expired card to get an account’s balance and a wad of cash, what good is the technology?