Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
14202 posts

Uber Geek
+1 received by user: 2618

Trusted

  Reply # 2153492 2-Jan-2019 20:13
Send private message quote this post

gehenna: Friend of a friend stories rarely turn out to be accurate. Even friend stories can be 50/50 lol

 

Friend of a friend stories often are actually about "me"




Mad Scientist
19485 posts

Uber Geek
+1 received by user: 2567

Trusted
Lifetime subscriber

  Reply # 2153499 2-Jan-2019 20:23
Send private message quote this post

tdgeek:

 

gehenna: Friend of a friend stories rarely turn out to be accurate. Even friend stories can be 50/50 lol

 

Friend of a friend stories often are actually about "me"

 

 

Nope it's not me, i have no Australian SMS 2FA





Swype on iOS is detrimental to accurate typing. Apologies in advance.


 
 
 
 


Mr Snotty
8178 posts

Uber Geek
+1 received by user: 4160

Moderator
Trusted
Lifetime subscriber

  Reply # 2153515 2-Jan-2019 21:55
Send private message quote this post

kyhwana2:

 

Bank phishing and banking trojans are sophisticated enough to get all of this. If there is money involved, SMS 2FA is NOT sufficient, as attackers can port or intercept SMS 2FA token https://www.theverge.com/2017/9/18/16328172/sms-two-factor-authentication-hack-password-bitcoins

 

Ah yes - you're correct here. Totally forgot about that fact. And agree with you on SMS 2FA and furthermore, trust me when I say this is being worked on.

 

Bung:
You saying "don't use POLi" is like whispering into a thunder storm. The Banks are letting it happen what signal does that send?

 

Again - sorta right. If banks downright blocked POLi then many customers would complain - I remember (not too long ago) an IB release of ANZ's broke POLi and many customers phoned up to complain. Our status was "Don't use POLi" however most customers ignored this. POLi had it all fixed later that day. It is easier to allow it, however advise it is breaching the customers T&C's than to block it and deal with the customer complaints. I'm not going to touch any more on this, I've spoken why it is a terrible idea many many times on here to use POLi.

 

blakamin:

 

But if the customer has ever upgraded their limit (which most people with a need to transfer more than $1k will do. For instance, I transfer more than that to my Mrs every fortnight just to pay bills, Would be more if I got paid monthly).

 

What's onlinecode?? I bank with ANZ, have changed phones, and ported about 8 times, in the last 4 years alone and have never heard of it. If they have my number, they have my SMS verification.

 

I transfered/juggled many many thousands when we bought our last house to cover stamp duty and other things when the was some issues with another bank account... Nothing ever triggered any fraud things.

 

ANZ Australia and ANZ NZ are two different systems, different processes and are fully separated in every way. I'm talking about the NZ side of things, not Australia. I honestly have no idea how Australia work things. Onlinecode is SMS verification here in NZ.

 

Oh, and while you're there, tell head office in Oz that i'm seriously unimpressed with them holding my wages hostage overnight (or until tuesday if my pay goes in on a saturday) for them to "clear" from a company that also banks with ANZ. It's a rort and they're bastards.

 

Different technology, different processes, different ways of doing things in Australia vs NZ. There is a reason behind this but it isn't my area to speak on it. Also, I have no say either as I don't work for Australia...

 

That is it from me. It sounds like we're talking about Australia and not NZ and in this place, I can't add any more to this thread as I simply don't know...





27406 posts

Uber Geek
+1 received by user: 6850

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 2153517 2-Jan-2019 21:57
Send private message quote this post

It's worth noting Vodafone have recently restricted DIY SIM swaps which is potentially a result of people having their SIM cards compromised or swapped without their permission.

 

 




Mad Scientist
19485 posts

Uber Geek
+1 received by user: 2567

Trusted
Lifetime subscriber

  Reply # 2153525 2-Jan-2019 22:14
Send private message quote this post

So i guess the solution is don't use SMS 2FA for banking?





Swype on iOS is detrimental to accurate typing. Apologies in advance.


Webhead
2174 posts

Uber Geek
+1 received by user: 723

Moderator
Trusted
Lifetime subscriber

  Reply # 2153531 2-Jan-2019 22:47
2 people support this post
Send private message quote this post

Batman:

 

So i guess the solution is don't use SMS 2FA for banking?

 

 

Its not perfect, but from that to not using it?!

 

By that logic: Passwords can be intercepted, so don't use them?





355 posts

Ultimate Geek
+1 received by user: 69


  Reply # 2153553 3-Jan-2019 08:00
Send private message quote this post

jarledb:

 

Batman:

 

So i guess the solution is don't use SMS 2FA for banking?

 

 

Its not perfect, but from that to not using it?!

 

By that logic: Passwords can be intercepted, so don't use them?

 

 

RSA securiID software token - basically an app downloaded to your phone. You enter a PIN and it generates a one time key.

 

That, or a similar system, is used by some banks for their next level up online banking platforms.

 

However the maintenance (initial setup, reinstalls due to changed phones, resets of forgotten PINs etc..) are much, much higher than simple SMS 2FA.

 

 

 

 

 

 

 

 

 

 

 

 


1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Geekzone Live »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.