First National Bank of South Africa is using mobile phones and SMS to provide temporary PIN codes for customers to make ATM cash withdrawals without the use of a bank card.
Maybe its just me, but I find reports such as this very incomplete to understand how it all works?
According to FNB, to withdraw cash using Cellphone Banking, customers needed to log onto Cellphone Banking and select the banking option. Customers would then have to select Withdraw Cash, and then the account from which they wanted to withdraw cash i.e.
cheque account, savings account, etc.
Once the transaction was completed, the customer would receive an sms with a temporary ATM PIN to use at the ATM. For security reasons the temporary ATM Pin has to be used within 30 minutes of receipt and can only be used once.
But assuming we're talking about a 4-digit PIN, do I have to be standing outside the very ATM I want to use in the first place when I do the Logon, to identify the pintended place of withdrawal?
What if I then find afterwards the ATM is out of order, or has run out of money?
And when I approach the ATM, how do I register my presence and my identity?
Otherwise any little urchin could have a field day randomly pressing the buttons on the ATM keypad, and accidentally hitting on my PIN before the 30 minutes are up, and collecting my money as a gift?
@Keith I assume the codes are more than 4 digits to prevent people from randomly enter numbers until they get lucky. Maybe you have to enter the amount too and they check that the amount matches what you entered on the phone.
I agree that information like this should be included in the article.
Guys, it is clear that you have never been to a third world economy where everything does not work like it does in the US. Plastic cards are not on person always, purely because acquiring has not been developed that well yet.... but everybody carries a mobile
These markets - sometimes referred to as growth markets, are much bigger than first world markets and also growing faster. Therefor are very relevant.
The idea is very good, but not new. I think one or two instances have at least planned a system like this before.
The added value to personal withdrawals is that you could actually forward the SMS containing the PIN, so you could basically transfer cash money to a friend easily by telling them to make the withdrawal instead of yourself.
Kudos to FNB for launching this feature. At first glance, the usage scenario does appear bizarre. However, we see so many blog posts and comments on Finextra that would seem to suggest that banks are very slow to innovate even when the use case is very powerful.
Against that backdrop, if a bank has taken action, I'd give it the benefit of doubt as regards the relevance of the usage scenario.
Even assuming that the PIN is only 4 digit and that no other information is required to be entered, the chances of an urchin helping himself to someone else's money are quite slim, as the following calculation would show:
4 digit => 9,999 combinations
Assuming it would take an urchin at least 5 seconds per PIN attempt, he'd get thru' 360 attempts (1800/5) in 30 minutes (1800 seconds).
Probability of one of these attempts being right = 360 / 9999 = 0.036 i.e. 3.6%.
Besides, unlike in developed countries where they're literally "holes in the wall" (ex: the ATM in South Quay tube station in London), ATMs in Africa, India and most other emerging markets are placed in well-guarded premises, leaving very little scope for
an urchin to even be permitted to enter the ATM room, let alone use an ATM for 30 minutes at a stretch. Even if that happens, the people in the queue behind the urchin are highly unlikely to permit a single person to hog the ATM for 30 minutes. So, unauthorized
withdrawals shouldn't be a major concern.
.....and what about phone security? I'm guessing that the majority of people with smart phones do not assiduously install an anti-virus application, and then keep it updated.
It's all very well to forward the SMS to a friend, but what if it is forwarded to a different cell phone by a trojan? Easy money! While I accept that mobile phones have a wider role in less developed economies, it seems as if the risks related to such
cash withdrawals may have been discounted in favour of customer convenience. Now time will tell.............
I really doubt that once a customer receives the PIN by SMS, it would be as simple as using that PIN in any ATM to withdraw cash. Additional security measure like authentication by means of either requiring one to enter the account number (or the significant
digits of the same) or customer ID must be required before the PIN need to be input. That along with the low probability of random trial of PINs by a perp should really suffice to quell any security threats.
Someone above asked on how this would work in conjunction with a particular ATM location. I doubt this is a location based service and location has got anything to do with it. I believe one should be able to use the PIN across the ATMs of the bank without
This is nothing new - the Spanish Market have offered an identical service, Known as HALCASH, for years.
This service is aimed at the Unbanked (either because they are young people in the case in Spain, or Economically constrained as in other cases). Access to the ATM is made via a button where the "Withdrawer/Customer" enters their unique refrence code and
PIN - upon validation the cash is provided.
Excellent salary with uncapped commissionMilton Keynes
© Finextra Research 2013