gehenna: Friend of a friend stories rarely turn out to be accurate. Even friend stories can be 50/50 lol

Friend of a friend stories often are actually about "me"

tdgeek:

 

gehenna: Friend of a friend stories rarely turn out to be accurate. Even friend stories can be 50/50 lol

 

Friend of a friend stories often are actually about "me"

 

Nope it's not me, i have no Australian SMS 2FA

kyhwana2:

 

Bank phishing and banking trojans are sophisticated enough to get all of this. If there is money involved, SMS 2FA is NOT sufficient, as attackers can port or intercept SMS 2FA token https://www.theverge.com/2017/9/18/16328172/sms-two-factor-authentication-hack-password-bitcoins

Ah yes - you're correct here. Totally forgot about that fact. And agree with you on SMS 2FA and furthermore, trust me when I say this is being worked on.

Bung:
You saying "don't use POLi" is like whispering into a thunder storm. The Banks are letting it happen what signal does that send?

Again - sorta right. If banks downright blocked POLi then many customers would complain - I remember (not too long ago) an IB release of ANZ's broke POLi and many customers phoned up to complain. Our status was "Don't use POLi" however most customers ignored this. POLi had it all fixed later that day. It is easier to allow it, however advise it is breaching the customers T&C's than to block it and deal with the customer complaints. I'm not going to touch any more on this, I've spoken why it is a terrible idea many many times on here to use POLi.

blakamin:

 

But if the customer has ever upgraded their limit (which most people with a need to transfer more than $1k will do. For instance, I transfer more than that to my Mrs every fortnight just to pay bills, Would be more if I got paid monthly).

 

What's onlinecode?? I bank with ANZ, have changed phones, and ported about 8 times, in the last 4 years alone and have never heard of it. If they have my number, they have my SMS verification.

 

I transfered/juggled many many thousands when we bought our last house to cover stamp duty and other things when the was some issues with another bank account... Nothing ever triggered any fraud things.

ANZ Australia and ANZ NZ are two different systems, different processes and are fully separated in every way. I'm talking about the NZ side of things, not Australia. I honestly have no idea how Australia work things. Onlinecode is SMS verification here in NZ.

Oh, and while you're there, tell head office in Oz that i'm seriously unimpressed with them holding my wages hostage overnight (or until tuesday if my pay goes in on a saturday) for them to "clear" from a company that also banks with ANZ. It's a rort and they're bastards.

Different technology, different processes, different ways of doing things in Australia vs NZ. There is a reason behind this but it isn't my area to speak on it. Also, I have no say either as I don't work for Australia...

That is it from me. It sounds like we're talking about Australia and not NZ and in this place, I can't add any more to this thread as I simply don't know...

It's worth noting Vodafone have recently restricted DIY SIM swaps which is potentially a result of people having their SIM cards compromised or swapped without their permission.

So i guess the solution is don't use SMS 2FA for banking?

Batman:

 

So i guess the solution is don't use SMS 2FA for banking?

 

Its not perfect, but from that to not using it?!

By that logic: Passwords can be intercepted, so don't use them?

jarledb:

 

Batman:

 

So i guess the solution is don't use SMS 2FA for banking?

 

 

Its not perfect, but from that to not using it?!

 

By that logic: Passwords can be intercepted, so don't use them?

 

RSA securiID software token - basically an app downloaded to your phone. You enter a PIN and it generates a one time key.

That, or a similar system, is used by some banks for their next level up online banking platforms.

However the maintenance (initial setup, reinstalls due to changed phones, resets of forgotten PINs etc..) are much, much higher than simple SMS 2FA.