Blog article
See all stories »

Using Card Readers for the Sake of It...?

I had an interesting experience in my local bank branch the other day.  I went in to withdraw cash (the ATM doesn't dispense £1 coins and £5 notes), only to find that the process had changed - significantly for the worse.

Previously, I'd put my debit card in a POS-type card reader on my side of the counter, type in the PIN, and then I'd get the cash from the cashier. Not any more...

This particular bank uses the calculator-style PIN pads for online banking, and they now seem to have introduced them into branches.  Now, I had to hand over my debit card to the cashier, who put the card into one of the 'calculators', then handed the entire edifice to me.  I had to put in my PIN, then hand the whole lot back for her to input the code to her computer.  Only after that was she able to give me my cash, along with the debit card and a little piece of cardboard telling me about this wonderful new, 'more secure' service.  Apparently, we have to go through the same process in future, even if we want to talk to someone about our accounts.

I have three issues with this.

1) it's very cumbersome, my debit card passing back and forth like a pinball.  Whoever dreamt this up didn't practice the process beforehand, otherwise they surely wouldn't have done it.

2)  my security friends tell me that this process isn't nearly as secure as using the old process of putting the PIN into a POS device, and who am I to agrue?

3) it doesn't really generate a secure feeling with customers.  Indeed, one guy next to me was put through the same process.  He queried as to how this could possibly be secure (he thought the code was passed by wireless and that could be intercepted, which it isn't) and was 'assured' by the staff that it was, but they 'didn't know the technology'.  In wider terms, these devices have been sent to people as a means to make online banking more secure.  The idea is that you put your PIN in and get a code that only you have seen to put into your computer, etc.  Introducing the same process in a public banking hall, when you also pass the device, with the code visible to another person, rather undermines the sense of security that they are surely trying to engender.

No, it seems to me that, having invested so much money in these devices, the bank has decided to apply their use to other areas, in order to justify the investment.  In the process, they are potentially undermining the values of security that they are trying to associate with these machines.

Oh, and having to use a device like this to 'prove' who I am before the bank will talk to me, rather leaves me with the impression that I am viewed as a potential fraudster, rather than the real customer that I am; but maybe I am being too sensitive...

 

4374

Comments: (3)

Nick Collin
Nick Collin - Collin Consulting Ltd - London 17 September, 2009, 19:09Be the first to give this comment the thumbs up 0 likes

It does sound a bit unnecessary.  Which bank is it?

 

Nick

A Finextra member
A Finextra member 22 September, 2009, 11:06Be the first to give this comment the thumbs up 0 likes

I suspect that these sorts of processes will go the way of dinosaurs  sooner rather than later.

If I have a bank my bank is going to be better.

A branch withdrawal would go more something like this..

Approach the counter (and do something.) 'Hello Roger, how can I help you'.

You answer 'I'd like to withdraw £50 cash please from my savings account.'

'Would you like that as two 20's and a 10?'

You answer 'I'd prefer 10 fivers please.'

Thank the teller as you take your cash and leave.

Not a card or a reader to be seen. Not a PIN in or out of sight. The teller will always know your name.

No card, no fuss, and safer. Demonstrably safer in the mind of the customer.

Perhaps if you had asked for $5000 pounds it may have required another step - perhaps the hidden 'do something' again (and that one second step is only really for your own added peace of mind rather than requiring more security).

That 'do something' doesn't involve a card or reader and if you'd prefer it the teller won't even know your name and will just call you 'Sir'. Your choice.

I suppose the only  way to get what I want - easy safe and convenient banking and payments - is to open my own bank eh?

On the bank front - there are a lot going out of business but there seems to be a healthy market with buyers lining up for the opportunity to buy a small bank but it is difficult picking one that has substance.

As an aside on the old PIN spotting issue. A local security training/licensing firm here has found itself in trouble for 'selling' security guard licenses to all comers without the requisite training etc. It makes you wonder about who is watching you put that PIN in at the supermarket and even at the bank with all those security cameras conveniently placed overhead and just how qualified and vetted they are to be 'securing' us.

John Copping
John Copping - CGI - London 24 September, 2009, 11:47Be the first to give this comment the thumbs up 0 likes

I spoke to my friendly B Bank representative whilst visiting over the weekend.  Apparently, they have to key in their own PIN as well, and each card reader is personalised to them, resulting in them having to keep it with them at all times.  She also didn't know the reason as to why...

So, I make the assumption that the bank is tracking both the customer and the member of staff to see if anything suspicious is going on....