Bank comparisons

[Backache]

Not particularly interested in the general nurgatory rates of return but in security.
Which are the best banks from the point of view of security and return of money from social hacking?
Preferably whilst still offering a decent banking service for telephone and online banking.
Are there any comparison sites?

[MyNameIsUrl]

MoneySavingExpert has ratings for quality of service:
https://www.moneysavingexpert.com/banki ... -accounts/

It doesn't mention security specifically, but at least you can discount those with poor service and maybe research in detail the better ones. For example, the TSB website makes the claim 'There’s only one bank in Britain that offers you a Fraud Refund Guarantee.'
https://www.tsb.co.uk/fraud-prevention- ... _ALL_CT_CO

[airbus330]

I have had a very good experience of First Direct over the last 20+ years, pretty much since they started. They are impeccably polite on the phone, in my experience efficient (when they very occasionally have not been, a written apology and on one occasion a bottle of wine have followed) and their website and app work well. Now, I recently had a moan at them due to what I felt was an overly complex login process. They have gone two factor, requiring a code generation from the app, so as to enable login on a PC. While most of my other bank accounts need 2 factor authentication, only FD (this may have changed) needed you to generate the code rather than it simply being texted to you. I have got used to the system now and it is quite re-assuring. For voice calls to the bank they use speech recognition technology in addition to passwords. It definitely works, as I got refused access when on a dodgy phone line once. From what I have read, the main worry for banks is the ancient software running in the background, but this seems to affect all bar the new kids on the block like Starling.

[Lootman]

Now, I recently had a moan at them due to what I felt was an overly complex login process. They have gone two factor, requiring a code generation from the app, so as to enable login on a PC. While most of my other bank accounts need 2 factor authentication, only FD (this may have changed) needed you to generate the code rather than it simply being texted to you.

It is sad but I am now starting to choose financial institutions based on how unponderous their 2FA is.

I like your name, by the way.

[scrumpyjack]

quote="Lootman"]

Now, I recently had a moan at them due to what I felt was an overly complex login process. They have gone two factor, requiring a code generation from the app, so as to enable login on a PC. While most of my other bank accounts need 2 factor authentication, only FD (this may have changed) needed you to generate the code rather than it simply being texted to you.

It is sad but I am now starting to choose financial institutions based on how unponderous their 2FA is.

I like your name, by the way.[/quote]


I use both NatWest and Barclays and increasingly do things, where possible, with the mobile phone apps. These don't use 2FA, presumably because the mobile phone connection is deemed secure. Very quick and easy, much better than ponderously logging in over the Internet

[swill453]

I use both NatWest and Barclays and increasingly do things, where possible, with the mobile phone apps. These don't use 2FA, presumably because the mobile phone connection is deemed secure. Very quick and easy, much better than ponderously logging in over the Internet

Most of the banking apps I've come across do use two factors - possession of (registered) phone plus either a PIN/password or biometric id.

Scott.

[airbus330]

Just to clarify, the FD app can be used with fingerprint authentication only, thus not needing 2FA.

I do agree though, that the simplicity of the app is gently herding us down that route. But it does worry me how reliant we can become on the portable device. Apple, in particular, has a terrific reputation for keeping its users safe. But, one day, someone will break down the door of their security. I would be very resistant to being reliant on Android devices, too many security question marks.

[mc2fool]

Just to clarify, the FD app can be used with fingerprint authentication only, thus not needing 2FA.

That is two factor authentication. The EU directive requires two of: something you know (e.g. password), something you have (e.g. a mobile phone), and something you are (e.g. fingerprint). Your app uses the last two factors.

[scrumpyjack]

I use both NatWest and Barclays and increasingly do things, where possible, with the mobile phone apps. These don't use 2FA, presumably because the mobile phone connection is deemed secure. Very quick and easy, much better than ponderously logging in over the Internet

Most of the banking apps I've come across do use two factors - possession of (registered) phone plus either a PIN/password or biometric id.

Scott.

Effectively once you have installed the NatWest or Barclays app on your phone you simply enter a 6 or 5 digit pin. You don't have to wait for an SMS and type in a code as well. They do have lower transaction limits for some things but there isn't much you can't do on the phone app.

Can't remember when I last went into a bank or phoned the bank.

[airbus330]

Just to clarify, the FD app can be used with fingerprint authentication only, thus not needing 2FA.

That is two factor authentication. The EU directive requires two of: something you know (e.g. password), something you have (e.g. a mobile phone), and something you are (e.g. fingerprint). Your app uses the last two factors.

I didn't know that definition, thanks for the info.

[panamagold]

They have gone two factor, requiring a code generation from the app, so as to enable login on a PC. While most of my other bank accounts need 2 factor authentication, only FD (this may have changed) needed you to generate the code rather than it simply being texted to you.

I think you will find that accessing FD via a pc allows, at present, memorable data entry following Username - Log On.
On the following page you will see an option, at the top of the page, ' You can log on without a Secure Key here >'.

[Alaric]

Effectively once you have installed the NatWest or Barclays app on your phone you simply enter a 6 or 5 digit pin. .

Phones are more easily lost than computers, so isn't that no more secure than the approach of going to the website hit the login button with a user id and quote three letters from a password and three numbers from a PIN? The three letters and three numbers approach has been the Nat West method since the 1990s. I'm reluctant to use a phone for banking other than receiving a text code if they insist on doing that way.

[scrumpyjack]

I understand, but doing it on a PC having entered your user id and password numbers and letters you then have to wait for an SMS with a code and enter that as well. Not sure what you do if you've lost your phone as you won't get the SMS.

One reason for having an account at Barclays as well as Natwest is that if security or other problems arise on logging in to one account, I can use the other.

Anyway most things are paid by credit card these days.

[airbus330]

They have gone two factor, requiring a code generation from the app, so as to enable login on a PC. While most of my other bank accounts need 2 factor authentication, only FD (this may have changed) needed you to generate the code rather than it simply being texted to you.

I think you will find that accessing FD via a pc allows, at present, memorable data entry following Username - Log On.
On the following page you will see an option, at the top of the page, ' You can log on without a Secure Key here >'.

Yes, that is correct. I have been told by FD that this method of logging in will be withdrawn at some point. If you do not own a smartphone they will issue you with a random number generator along the lines of the NatWest system from about a decade ago.

[AF62]

Effectively once you have installed the NatWest or Barclays app on your phone you simply enter a 6 or 5 digit pin. .

Phones are more easily lost than computers, so isn't that no more secure than the approach of going to the website hit the login button with a user id and quote three letters from a password and three numbers from a PIN? The three letters and three numbers approach has been the Nat West method since the 1990s. I'm reluctant to use a phone for banking other than receiving a text code if they insist on doing that way.

And how is a thief going to be able to open the banking app on your lost phone when there is a bio-metric scanner to prevent access? If the full weight of the police's resources cannot unlock the phones of criminals they have arrested, then I don't consider a two bit thief is better equipped.

[Howard]

Effectively once you have installed the NatWest or Barclays app on your phone you simply enter a 6 or 5 digit pin. .

Phones are more easily lost than computers, so isn't that no more secure than the approach of going to the website hit the login button with a user id and quote three letters from a password and three numbers from a PIN? The three letters and three numbers approach has been the Nat West method since the 1990s. I'm reluctant to use a phone for banking other than receiving a text code if they insist on doing that way.

And how is a thief going to be able to open the banking app on your lost phone when there is a bio-metric scanner to prevent access? If the full weight of the police's resources cannot unlock the phones of criminals they have arrested, then I don't consider a two bit thief is better equipped.

Out of interest, will this apply to my Samsung S7 smartphone? As an infrequent user, the fingerprint recognition always seems a bit hit and miss to me.

regards

Howard

[AF62]

Phones are more easily lost than computers, so isn't that no more secure than the approach of going to the website hit the login button with a user id and quote three letters from a password and three numbers from a PIN? The three letters and three numbers approach has been the Nat West method since the 1990s. I'm reluctant to use a phone for banking other than receiving a text code if they insist on doing that way.

And how is a thief going to be able to open the banking app on your lost phone when there is a bio-metric scanner to prevent access? If the full weight of the police's resources cannot unlock the phones of criminals they have arrested, then I don't consider a two bit thief is better equipped.

Out of interest, will this apply to my Samsung S7 smartphone? As an infrequent user, the fingerprint recognition always seems a bit hit and miss to me.

By "hit and miss" I assume you mean that it sometimes fails to unlock when presented with a known finger, rather than unlocking when presented with an unknown finger (or something else!).

If so, doesn't that reassure you that it is playing safe with your data and access to your apps.

[Howard]

And how is a thief going to be able to open the banking app on your lost phone when there is a bio-metric scanner to prevent access? If the full weight of the police's resources cannot unlock the phones of criminals they have arrested, then I don't consider a two bit thief is better equipped.

Out of interest, will this apply to my Samsung S7 smartphone? As an infrequent user, the fingerprint recognition always seems a bit hit and miss to me.

By "hit and miss" I assume you mean that it sometimes fails to unlock when presented with a known finger, rather than unlocking when presented with an unknown finger (or something else!).

If so, doesn't that reassure you that it is playing safe with your data and access to your apps.

I guess you are right. So it is as safe as my four digit pin. And presumably the phone will lock if an incorrect pin is tried more than 3 or 4 times.

thanks for your comment.

regards

Howard

[AF62]

Out of interest, will this apply to my Samsung S7 smartphone? As an infrequent user, the fingerprint recognition always seems a bit hit and miss to me.

By "hit and miss" I assume you mean that it sometimes fails to unlock when presented with a known finger, rather than unlocking when presented with an unknown finger (or something else!).

If so, doesn't that reassure you that it is playing safe with your data and access to your apps.

I guess you are right. So it is as safe as my four digit pin. And presumably the phone will lock if an incorrect pin is tried more than 3 or 4 times

Safer. You could write your PIN down, tell someone what it is, or someone could just guess it (lots of people use the same PINs for everything). Unless you chop your finger off, you have to be there to use fingerprint recognition.