Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
304 posts

Ultimate Geek
+1 received by user: 53


  Reply # 1891745 28-Oct-2017 10:50
Send private message

michaelmurfy:

 

@jim.cox I work for ANZ so will shed some light on this.

 

1) It is important for you both to have separate IB accounts - this is possible as with a joint account you both have customer numbers. In this case, you were operating the account through one customer number which is also a breach of the internet banking terms regarding protecting your password from third parties.
2) If it was a 2 to sign account the IB platform will refuse to allow a transfer through the interface. Furthermore, it is possible for staff to lock down accounts to "view only" mode where you can transfer money in, but not take it out.

In your case you were not using it properly and if you're still an ANZ customer I advise you to call up their contact centre to get internet banking created for your wife under her own customer number. Once you do this then you have by default a separate Online Code mobile number.

 

Edit: Further clarification was done via PM. In this case it was wanting to set 2x mobile numbers on a single IB login which is not possible for security reasons and what sounds like to be sharing logins.

 

 

 

 

You're 100% correct here but I do wish there was an easier option with ANZ Online Banking for mulitple phone numbers. For businesses with multiple signatories this can be a pain as the Online Banking only allows one login/password and one mobile number. 

 

There is ANZ Direct Online but that's overkill for 99% of small/medium sized businesses although AFAIK it's the only option for two to sign accounts (tell a lie - there is a workaround for online banking but it's a PITA)

 

 

 

The BNZ allow different logins for business (e.g. access number/customer number, user ID, password)

 

 

 

 


Meow
7358 posts

Uber Geek
+1 received by user: 3537

Moderator
Trusted
Lifetime subscriber

  Reply # 1891747 28-Oct-2017 10:57
Send private message

@logo each signatory under a business account can use their own customer number and from here can use "customer select" which enables them to jump from their own personal account to the business internet banking under their own login which in term transfers over the onlinecode preference from their personal login (so they get texts under the business account too). Directors should be the only ones who login directly to the business account more for accountability reasons but even then they can use customer select also. This is the same sort of solution as BNZ uses. Each signatory should in theory already have their own login (check with your account manager who can set this up for you). Also, it is free.

ANZ Direct Online - while overkill, is a very good solution since you can furthermore fine-tune each login with their own permissions for the account as a whole.




 
 
 
 


Try Wrike: fast, easy, and efficient project collaboration software
194 posts

Master Geek
+1 received by user: 8


  Reply # 1891751 28-Oct-2017 10:57
Send private message

michaelmurfy:

 

Edit: Further clarification was done via PM. In this case it was wanting to set 2x mobile numbers on a single IB login which is not possible for security reasons and what sounds like to be sharing logins.

 

 

NO - separate customers / separate logins - but text approval messages are coming to a single cellphone number.

 

On discussion with Mr Murphy, I suspect the ANZ system defaulted to loading my cellphone number against my wife's customer number.

 

 


Meow
7358 posts

Uber Geek
+1 received by user: 3537

Moderator
Trusted
Lifetime subscriber

  Reply # 1891763 28-Oct-2017 11:37
Send private message

jim.cox:

 

michaelmurfy:

 

Edit: Further clarification was done via PM. In this case it was wanting to set 2x mobile numbers on a single IB login which is not possible for security reasons and what sounds like to be sharing logins.

 

NO - separate customers / separate logins - but text approval messages are coming to a single cellphone number.

 

On discussion with Mr Murphy, I suspect the ANZ system defaulted to loading my cellphone number against my wife's customer number.

 

As stated - this is literally impossible to do in the system (also the system doesn't default a mobile number for security reasons). In all your messages it still sounds like you were sharing login details and I bet if you were still a customer and if I looked I'll be proven right. As you're not a customer anymore it is best to just drop the subject and move on. If you still are then call them and let them investigate further as I am not in the customer service space nor is this a medium for customer support. Just clearing up some confusion here before it gets out of hand.





21014 posts

Uber Geek
+1 received by user: 4155

Trusted
Subscriber

  Reply # 1891788 28-Oct-2017 11:50
Send private message

The single mobile number thing is a problem with ASB as well, I will often not have a phone on me if its out of data for that month so useless to me till it rolls over, and if I happen to need to pay someone that needs net code its a PITA.

 

If actually did SMS properly I would just use one of their numbers for it so I could get it from the app or whatever from any device. The other option that ASB suggested was a keychain number thing which is just another piece of crap to carry around, lose, or put thru the wash accidentally.





Richard rich.ms

nas

373 posts

Ultimate Geek
+1 received by user: 184


  Reply # 1891809 28-Oct-2017 12:29
Send private message

We're with ANZ and my wife and I have separate IB logins.

 

I have SMS 2FA enabled on mine, she doesn't, works fine..


UHD

585 posts

Ultimate Geek
+1 received by user: 263


  Reply # 1891964 28-Oct-2017 20:44
Send private message

Kiwibank's system is still far and away the best system for me. I don't have to worry about a card, token, cellphone app, or SMS but can simply remember the three answers to my secret questions. IMO it is better than 2FA.




:)
2875 posts

Uber Geek
+1 received by user: 85

Subscriber

  Reply # 1891970 28-Oct-2017 21:11
Send private message

UHD:

 

Kiwibank's system is still far and away the best system for me. I don't have to worry about a card, token, cellphone app, or SMS but can simply remember the three answers to my secret questions. IMO it is better than 2FA.

 

 

 

 

I feel like it's probably the best compromise with all the banks I've heard of so far. If it wasn't for the fact that BNZ have Apply Pay, I would have stayed with Kiwibank, if only for the easy way for me to login etc.

 

 

 

I would love to see support for 2FA soft tokens.






2423 posts

Uber Geek
+1 received by user: 142


  Reply # 1891972 28-Oct-2017 21:32
One person supports this post
Send private message

UHD:

Kiwibank's system is still far and away the best system for me. I don't have to worry about a card, token, cellphone app, or SMS but can simply remember the three answers to my secret questions. IMO it is better than 2FA.

 

The problem is, what questions do you have and what the answers? How easily can an attack find out the answers given things like "What town were you born in" etc?

Meow
7358 posts

Uber Geek
+1 received by user: 3537

Moderator
Trusted
Lifetime subscriber

  Reply # 1892030 28-Oct-2017 22:20
Send private message

kyhwana2:
UHD:

 

Kiwibank's system is still far and away the best system for me. I don't have to worry about a card, token, cellphone app, or SMS but can simply remember the three answers to my secret questions. IMO it is better than 2FA.

 

The problem is, what questions do you have and what the answers? How easily can an attack find out the answers given things like "What town were you born in" etc?

 

I don't think he'll give that answer in public ;) - I have random questions that make no sense like for example "If a catfish drove into a lake then what happened to the cat?" The answer will also be totally unrelated like "Taylor Swift". This is me though, others may not be as smart and go with "What is my cats name" of which the answer may be on their public Facebook page.

 

This is where even SMS based 2FA is good as it is hard to PEBKAC it unless if you were really stupid.





UHD

585 posts

Ultimate Geek
+1 received by user: 263


  Reply # 1892089 29-Oct-2017 11:19
Send private message

kyhwana2:
UHD:

 

Kiwibank's system is still far and away the best system for me. I don't have to worry about a card, token, cellphone app, or SMS but can simply remember the three answers to my secret questions. IMO it is better than 2FA.

 

The problem is, what questions do you have and what the answers? How easily can an attack find out the answers given things like "What town were you born in" etc?

 

I do what murph does, completely random questions that make no sense even to me. That way an attacker would need to brute(force) my brain in order to log in, rather than just steal my phone. Think of the number of phones that display the content of an SMS without having to have the passcode to enter the device? 2FA in that scenario is about as useful as the old netcode cards.


21014 posts

Uber Geek
+1 received by user: 4155

Trusted
Subscriber

  Reply # 1892090 29-Oct-2017 11:23
Send private message

UHD:

 

I do what murph does, completely random questions that make no sense even to me. That way an attacker would need to brute(force) my brain in order to log in, rather than just steal my phone. Think of the number of phones that display the content of an SMS without having to have the passcode to enter the device? 2FA in that scenario is about as useful as the old netcode cards.

 

 

I turn that off on my phones. On my stupid note 4 that also turns off music control on the lock screen, and also for some reason the clock on it, so I can see why people leave that turned on.





Richard rich.ms

nas

373 posts

Ultimate Geek
+1 received by user: 184


  Reply # 1892125 29-Oct-2017 13:43
Send private message

michaelmurfy:

 

kyhwana2:
UHD:

 

Kiwibank's system is still far and away the best system for me. I don't have to worry about a card, token, cellphone app, or SMS but can simply remember the three answers to my secret questions. IMO it is better than 2FA.

 

The problem is, what questions do you have and what the answers? How easily can an attack find out the answers given things like "What town were you born in" etc?

 

I don't think he'll give that answer in public ;) - I have random questions that make no sense like for example "If a catfish drove into a lake then what happened to the cat?" The answer will also be totally unrelated like "Taylor Swift". This is me though, others may not be as smart and go with "What is my cats name" of which the answer may be on their public Facebook page.

 

This is where even SMS based 2FA is good as it is hard to PEBKAC it unless if you were really stupid.

 

 

I just use 1Password and generate a random 25 character string as the answer:

 

Click to see full size

 

That way even I don't know what the answer is without having to look it up


IcI

675 posts

Ultimate Geek
+1 received by user: 148

Trusted

  Reply # 1892143 29-Oct-2017 15:02
Send private message

michaelmurfy:

 

@kyhwana2:
UHD:

 

Kiwibank's system is still far and away the best system for me. ... but can simply remember the three answers to my secret questions. 

The problem is, what questions do you have and what the answers? How easily can an attack find out the answers given things like "What town were you born in" etc?

 

I don't think he'll give that answer in public ;) - I have random questions that make no sense ...

 

The nice thing about Kiwibanks question system is that you can actually create your own questions if you don't want to select the basic ones.

 

Click to see full size


11170 posts

Uber Geek
+1 received by user: 3539

Trusted
Subscriber

  Reply # 1892297 29-Oct-2017 21:18
Send private message

michaelmurfy:

kyhwana2:
UHD:


Kiwibank's system is still far and away the best system for me. I don't have to worry about a card, token, cellphone app, or SMS but can simply remember the three answers to my secret questions. IMO it is better than 2FA.


The problem is, what questions do you have and what the answers? How easily can an attack find out the answers given things like "What town were you born in" etc?


I don't think he'll give that answer in public ;) - I have random questions that make no sense like for example "If a catfish drove into a lake then what happened to the cat?" The answer will also be totally unrelated like "Taylor Swift". This is me though, others may not be as smart and go with "What is my cats name" of which the answer may be on their public Facebook page.


This is where even SMS based 2FA is good as it is hard to PEBKAC it unless if you were really stupid.



Good idea. Mind you, not every system allows the user to set the questions. Some just give you a list of options.





1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Umbrellar becomes Microsoft Cloud Solution Provider
Posted 22-May-2018 15:43


Three New Zealand projects shortlisted in IDC Asia Pacific Smart Cities Awards
Posted 22-May-2018 15:14


UpStarters - the New Zealand tech and innovation story
Posted 21-May-2018 09:55


Lightbox updates platform with new streaming options
Posted 17-May-2018 13:09


Norton Core router launches with high-performance, IoT security in New Zealand
Posted 16-May-2018 02:00


D-Link ANZ launches new 4G LTE Dual SIM M2M VPN Router
Posted 15-May-2018 19:30


New Panasonic LUMIX FT7 ideal for outdoor: waterproof, dustproof
Posted 15-May-2018 19:17


Ryanair Goes All-In on AWS
Posted 15-May-2018 19:14


Te Papa and EQC Minecraft Mod shakes up earthquake education
Posted 15-May-2018 19:12


Framing Facebook: It’s not about technology
Posted 14-May-2018 16:02


Vocus works with NZ Police and telcos to stop scam calls
Posted 12-May-2018 11:12


Vista Group signs Aeon Entertainment, largest cinema chain in Japan
Posted 11-May-2018 21:41


New Privacy Trust Mark certifies privacy and customer control
Posted 10-May-2018 14:16


New app FIXR connects vehicle owners to top Mechanics at best prices
Posted 10-May-2018 14:13


Nutanix Beam gives enterprises control of the cloud
Posted 10-May-2018 14:09



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.