I've a Sainsbury credit card i've not used for ages, I thought i'd leave it somewhere so that when I haven't my wallet about me all is not lost if I want to buy something. Anyway, it seems to have forsaken me, contactless is a no go and when I enter PIN nothing happens, no decline just nothing happening at all.
I wondered if it was locked so I tried to log into online banking. I've a username, password and key but they want to send me a text and it seems I haven't registered my number. So I need to call them.
Makes my piss boil.
FWIW I can still log into Santander with my username and a 6 digit passcode, I love that.
I have a feeling you are worrying about the wrong things.
I would be far more concerned that Santander's security is so lax that it still lets you use a 6 digit passcode! (one would hope they have more "behind the scenes" security and don't rely only on the passcode)
I don't know about the Sainsbury's card specifically, but I would expect like most other issuers, there would have been warnings every time you used it that they will be moving to more secure 2fa in the future, and to make sure that you have a phone number associated with the card to prevent transactions being blocked. Obviously by not using it you probably missed a number of opportunities to be reminded.
Now I appreciate that these changes are sometimes irritating, however they are in our own best interests. CC fraud, and in particular online cc fraud, is becoming an every bigger problem, and the banks are in an arms race with the criminals.
You must, of course, appreciate that it's for your own protection, it certainly isn't to protect the bank, goodness me no!
I tried to make an online payment in February this year. The name of the payee's bank account differed from what I typed in (Smith's Gardener rather than Fred Smith) so a message popped up asking if I really wanted to make the payment, I said "yes". Unknown to me the bank stopped he payment and sent me a letter telling me this - to my OLD address! When the contractor said he hadn't been paid I tried to log on to online banking and a message came up saying it had been suspended and I should 'phone somebody or other. I did and there followed a 2.5 hour discussion to an Indian lady who didn't speak English very well, who couldn't hear me (crap line) and who said several times "stop talking I have to read something" - obviously form her script so presumably a newby. I confirmed several times that the payment was fine but in the end she said she would "leave it to the system", needless to say the payments wasn't made and I was locked out of online banking - not only my current account but my savings account.
At this point in time I have sent 4 letters addressed to my branch manager and 2 to the Chairman, they have all been intercepted and passed to the oiks in the customer service department. The 4 replies I have had all say pretty well the same thing - your complaint has been rejected and if you don't like it go to the ombudsman. I haven't made a complaint, just asked they correct their mistake by allowing me online access.
The bank is HSBC as a warning to potential customers, 89% of reviews on Trust Pilot rate them poor.
This process of treating everything as a complaint seems quite common now as it enables companies to send a standard letter saying you complaint has been rejected and referring you to an outside body.
And finally the landlord of my leased house decides complaints about him himself as well as appeals!
Its both obviously... Even in fraud cases where the customer gets their money back via one of a number of schemes, the bank may still loose out, and the criminal may still get to keep the stolen money. So they have an incentive to stop fraud for their own direct benefit, not just that of their reputation or for the well-being of their customers.
All UK banks must now implement the Confirmation of Payee scheme. This is, IMHO, a "good thing".
The fact that your bank does not seem to have got the customer service right following what would have looked like a fraud attempt, is not the fault of the scheme. i.e. don't diss the industry security measures just because you bank happens to be poor at dealing with the process!
So contact the banking ombudsman - they are independent, and do have teeth.
Do you work for HSBC? It may have looked like a fraud attempt to a computer but the fact I said make the payment both online and to a bank employee on the 'phone puts the onus on me not the bank. As it is the contractor will no longer wok for me as a payment bounced, hope he doesn't spread the word.
Why? I am not making a complaint I am asking the bank to correct a mistake.
Again you are still conflating two unrelated issues. The CoP scheme which is proving effective at suppressing payment push fraud, and your banks incompetent response.
Which they are refusing to correct by the sounds of it, so you will need to exert leverage from outside. Once resolved to can move to a different bank.
That certainly used to be the case for all of them - and it was a significant "hole" in the system, but by now most should all be signed up to the CoP scheme.
Some issues are due to the bank using overseas call centres to save money. I had an issue with HSBC when, after finally getting fed up with their nonsensically low or or even non-existent interest rates decided to transfer some money to an NS and I account. The transfer was stopped due to it being to an "unknown" payee. The operative I spoke to on the HSBC help line (Indian accent) asked me what the business of the payee was! After being somewhat flustered by the request (how would you describe it?), I said that it was a type of government bank, which appeared to satisfy the security check.
Meanwhile, Nationwide has 4-factor validation that includes some drop-down lists and only 3 of the code. It did start using SMS at about the same time that Germany banned it due to spoofing.
Why ban text verification? You will only be sent the text within seconds of you making the transaction to confirm your identity and the verification code is only valid for around 5 minutes. If you are sent a text without you actually making a transaction then you will know that a fraud is happening.
You'd never guess it before being locked out. And I can only make payments to existing payees with an existing reference or they send a passcode to my phone. I occasionally get a text alert from them if something looks out of the ordinary. IMO it is the correct balance of ease/security.
Basically mobiles were never designed to act as proof of identity and, despite banks' attempts to make them so, mobile networks don't want to get into the business of running an ID card agency on the side. There is not a tight binding from mobile number to human, and the system was never designed for that to be enforceable.
Being realistic, since much of the security is obscured from the end users (both legit and criminal!) you can only really make a judgement on the ease part of that equation. The security bit needs to evolve with time to keep pace with the current threats.
It gets even more entertaining when you can't recall your password and give them the necessary characters. Or answer some completely impossible "security" question based on past spending.
The best one I ever ran into was Q: What hotel did you stay at in Chester last November? A: I haven't been to Chester for more than a decade (wrong)
The correct answer was "Lumley Castle" at Chester *le Street*, Durham. (they omitted key information)
The next one was even worse. Q: Name a street that connects to your road (which has no name). A: A19 (they didn't like that either)
These security questions were asked to confirm the final payment of the balance for the installation of a fitted kitchen at the cardholders address. You really couldn't make it up. Luckily the salesman found the whole thing rather amusing and we did eventually convince the droid.
All the banks have been forced to provide 2FA so if you haven't used them since that switchover you will find some problems if you do not have a phone number set up for them to call. It will probably only trigger if you try to set up a new payee or unusually large transfer.
When I access my Santander account Edge offers to insert the passcode but whatever it has saved, probably the account number, I haven't checked, doesn't work so I ignore it and enter the number manually.
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.