Jump to content

Excessive Online Security.

Chekhov
 Share

Recommended Posts

HeHasRisen Experienced

HeHasRisen

Posted
Posted
6 minutes ago, Chekhov said:

How does your post answer my point that it is an inflexible blanket system that implies the banks security software is from the 1980s. ? 

 

>>>HeHasRisen said:
But why? It [the requirement for extra security] is clearly based on value and not who the merchant is.<<<

 

>>Chekhov said :

It is not just based on the amount anyway.

My lad's school has gone "cashless", another unfortunate result of the Covid madness. (censored)

I had to pay £2 for a couple of seats for the school play (which we were banned from photographing, more absolute ballcox...), and the bank insisted on sending me a OTP !  Plus I obviously had to log on and go through all that cobblers as well. It'd have been far easier to just give the office £2 as I walked past it, which I do every school morning......

So, all that for a £2 transaction to the school for Gawd's sake : ARTIFICIAL UNINTELLIGENCE writ large.<<

It's hard to have any sympathy for you. Like I said,  deal with it or move to a country with lax banking facilities. May I suggest Lesotho. 

Link to comment
Share on other sites
Chekhov

Chekhov

Posted
  • Author
Posted (edited)
1 hour ago, Bargepole23 said:

Does your bank know the name of the payee, other than knowing its HMRC? Is the person's name and other information  available to the bank via the HMRC systems in real time to confirm the identity of the payee and the account holder are the same?

 

What if I hacked your bank account and decided to pay my tax bill from it? How does the bank know its my tax bill and not yours, without a detailed identity check of who the HMRC thinks the tax bill belongs to? 

It would be pointless paying any HMRC bill by fraud because once the HMRC found out they'd simply cancel the payment and the naughty tax payer would be back to square one, in fact below it because the HMRC would then give him / her a big penalty for late payment. 

Plus, of course, the troublesome tax payer would be totally traceable and in big trouble with the police. 

 

>>hacked your bank account<<

 

It's not about hacking my bank account because I'd be paying by card. It's more about if the fraudster got hold of the details for ones card.

"Hacking my bank account" would apply to a fraudulent BACS payment (or similar), but I have never even suggested that setting up a BACS payee should be made less secure. Quite the opposite, I have always been consistent that I am very bothered about anyone being able to transfer monies out of my accounts, I'm just not so bothered about anyone getting in there and transferring money between my accounts. Don't get me wrong a bit of security is still in order for that, but I have to put in my password and my pass number anyway. Why does it need any more than that ? 

 

17 minutes ago, HeHasRisen said:

It's hard to have any sympathy for you. Like I said,  deal with it or move to a country with lax banking facilities. May I suggest Lesotho. 

I notice you are digressing (and being personal BTW), is that so you do not have to admit you were wrong ? :

 

>>>HeHasRisen said:
But why? It [the requirement for extra security] is clearly based on value and not who the merchant is.<<<

Edited by Chekhov
Link to comment
Share on other sites
Chekhov

Chekhov

Posted
  • Author
Posted (edited)
59 minutes ago, Resident said:

Is it Artificial unintelligence or just your own? 
Usually the OTP system only kicks in for the first few payments to any particular merchant, after that then localised checks (passwords/PIN/Biometrics) are deemed sufficient if the payments are regular. 
Irregular or new merchants are treated with suspicion purely because of the level of online scams and the stupidity of the general public. 

Really ? I have paid HMRC loads of times, and the bank still insists on a OTP.

So, the bank's advanced cutting edge security software is so advanced it fails to spot :

 

1 - I pay HMRC twice a year for my personal tax, four times a year for my VAT, and another four times a year for my PAYE, that's 10X a year in all.

 

2 - HMRC must be one of the least likely accounts to have fraudulent payments made into, and if it did happen the money would almost certainly be returned anyway.

 

Can I just compare the above ludicrous farce with the banks enthusiasm for everyone to use contactless cards ?

Anyone could pick up (or nick) your contactless card and go round spending up to £100 in every shop.....

 

Edited by Chekhov
Link to comment
Share on other sites
HeHasRisen Experienced

HeHasRisen

Posted
Posted (edited)
11 minutes ago, Chekhov said:

It would be pointless paying any HMRC bill by fraud because once the HMRC found out they'd simply cancel the payment and the naughty tax payer would be back to square one, in fact below it because the HMRC would then give him / her a big penalty for late payment. 

Plus, of course, the troublesome tax payer would be totally traceable and in big trouble with the police. 

 

>>hacked your bank account<<

 

It's not about hacking my bank account because I'd be paying by card. It's more about if the fraudster got hold of the details for ones card.

"Hacking my bank account" would apply to a fraudulent BACS payment (or similar), but I have never even suggested that setting up a BACS payee should be made less secure. Quite the opposite, I have always been consistent that I am very bothered about anyone being able to transfer monies out of my accounts, I'm just not so bothered about anyone getting in there and transferring money between my accounts. Don't get me wrong a bit of security is still in order for that, but I have to out in my password and my pass number anyway. Why does it need any more than that ? 

 

I notice you are digressing (and being personal BTW), is that so you do not have to admit you were wrong ? :

 

>>>HeHasRisen said:
But why? It [the requirement for extra security] is clearly based on value and not who the merchant is.<<<

If I am, fair enough. I couldn't care less, you are literally moaning about security measure so as I said, move somewhere where they don't exist. 

Edited by HeHasRisen
Link to comment
Share on other sites
Bargepole23 Rising Star

Bargepole23

Posted
Posted
46 minutes ago, Chekhov said:

It would be pointless paying any HMRC bill by fraud because once the HMRC found out they'd simply cancel the payment and the naughty tax payer would be back to square one, in fact below it because the HMRC would then give him / her a big penalty for late payment. 

Plus, of course, the troublesome tax payer would be totally traceable and in big trouble with the police. 

 

>>hacked your bank account<<

 

It's not about hacking my bank account because I'd be paying by card. It's more about if the fraudster got hold of the details for ones card.

"Hacking my bank account" would apply to a fraudulent BACS payment (or similar), but I have never even suggested that setting up a BACS payee should be made less secure. Quite the opposite, I have always been consistent that I am very bothered about anyone being able to transfer monies out of my accounts, I'm just not so bothered about anyone getting in there and transferring money between my accounts. Don't get me wrong a bit of security is still in order for that, but I have to put in my password and my pass number anyway. Why does it need any more than that ? 

 

I notice you are digressing (and being personal BTW), is that so you do not have to admit you were wrong ? :

 

>>>HeHasRisen said:
But why? It [the requirement for extra security] is clearly based on value and not who the merchant is.<<<

How would the HMRC know it was a fraudulent payment? For example, do they insist that the monies owed by a person for tax come from an account in the name of that person? I'm not aware that they do, so if the person whose account was hacked didn't spot the transfer, who is to know?

 

I doubt that criminals would struggle to get hold of card details, sold in batches on the dark Web aren't they? By having multifactor authentication eg OTP, then the criminal needs something which is far harder to get hold of.

  • Like 1
Link to comment
Share on other sites
Chekhov

Chekhov

Posted
  • Author
Posted
3 hours ago, Bargepole23 said:

How would the HMRC know it was a fraudulent payment? For example, do they insist that the monies owed by a person for tax come from an account in the name of that person? I'm not aware that they do, so if the person whose account was hacked didn't spot the transfer, who is to know?

 

I doubt that criminals would struggle to get hold of card details, sold in batches on the dark Web aren't they? By having multifactor authentication eg OTP, then the criminal needs something which is far harder to get hold of.

I'm pretty sure anyone who had a big debit to the HMRC made from their bank account would notice *. They would then get onto their bank who would investigate.
But, I cannot imagine this would happen that often at all because you would have to be an absolute imbecile to use a fraudulent method to pay your HMRC tax bill.....

 

* I am assuming everyone checks their bank statements, I certainly do. But perhaps I'm wrong, bearing in mind how keen some people are to pay for poxy little transactions (at even £1) on a card, which spams up your statement making it much harder to check through it all.

Link to comment
Share on other sites
Delayed Rising Star

Delayed

Posted
Posted
8 hours ago, Chekhov said:

Oh, you mean they're using  AU (artificial unintelligence) ?

 

But it is not just based on the amount anyway.

My lad's school has gone "cashless", another unfortunate result of the Covid madness. (censored)

I had to pay £2 for a couple of seats for the school play (which we were banned from photographing, more absolute ballcox...), and the bank insisted on sending me a OTP !  Plus I obviously had to log on and go through all that cobblers as well. It'd have been far easier to just give the office £2 as I walked past it, which I do every school morning......

So,all that for a £2 transaction to the school for Gawd's sake : ARTIFICIAL UNINTELLIGENCE writ large.

Thoughts and prayers during this different time 

Link to comment
Share on other sites
HeHasRisen Experienced

HeHasRisen

Posted
Posted
5 minutes ago, Chekhov said:

I'm pretty sure anyone who had a big debit to the HMRC made from their bank account would notice *. They would then get onto their bank who would investigate.
But, I cannot imagine this would happen that often at all because you would have to be an absolute imbecile to use a fraudulent method to pay your HMRC tax bill.....

 

* I am assuming everyone checks their bank statements, I certainly do. But perhaps I'm wrong, bearing in mind how keen some people are to pay for poxy little transactions (at even £1) on a card, which spams up your statement making it much harder to check through it all.

If people only check things monthly, more fool them.  

Link to comment
Share on other sites
Chekhov

Chekhov

Posted
  • Author
Posted (edited)
On 15/08/2023 at 14:49, Chekhov said:

Really ? I have paid HMRC loads of times, and the bank still insists on a OTP.

So, the bank's advanced cutting edge security software is so advanced it fails to spot :

1 - I pay HMRC twice a year for my personal tax, four times a year for my VAT, and another four times a year for my PAYE, that's 10X a year in all.

2 - HMRC must be one of the least likely accounts to have fraudulent payments made into, and if it did happen the money would almost certainly be returned anyway.

Can I just compare the above ludicrous farce with the banks enthusiasm for everyone to use contactless cards ?

Anyone could pick up (or nick) your contactless card and go round spending up to £100 in every shop.....

We were just talking about this inconsistency at work.

You used to have to sign for a card purchase but then Chip and PIN came along in the early 200os because "just signing for a card purchase" was deemed to be too insecure.

But now you don't even need to sign anything, much less use a PIN number, yet they demand I use a OTP for a £2 purchase, and, in fact, for all my payments to the HMRC ! !

 

Can anyone tell me where the consistency is in all this ?

 

Edited by Chekhov
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.