On online banking fraud and Barclays useless answer

Ever since Barclays decided to introduce the PINsentry gadget as a means to reduce online fraud, I thought it was not one of the smartest business ideas you have ever taken.

The bank happily informs us on their website:

We have developed PINsentry in response to today’s increasing security challenges. PINsentry works by building in extra levels of protection when you bank online. Quick and easy to use, PINsentry is a real step forward in online security.

As a nowadays UK bank client, I have learnt that dealing with branch staff is of little use, and customers are re-directed to either phone or online banking services. As we all know, forcing customers to migrate to these low-cost systems is a strategy to cut costs, not an extra convenience for the clientele.

With no other realistic option at hand, I moved to the online option full time. I try to avoid talking to any teenager on their payroll as much as I can.

But then, last winter Barclays came across an idea as user unfriendly, top-down developed, and without the final user even in mind as you can get. PINsentry.

Please, can anybody tell me if they undertook the appropriate market research? A simple 5 minute focus group should have given them a quick answer. The device is inconvenient and solely relying on it to log on your online banking a mistake. If they got a more positive outcome from their supposedly market research, I would suggest they check the methodology or the sample. Stockholders be aware, Barclays plc may have been ripped off.

To begin with, I am always away so carrying around the calculator-like gadget is not only an inconvenience, but in several occasions I had to go back to the office, home, or Starbucks to get it.

Due to allegedly security reasons, you may think this device makes online banking more secure. Well, walking around town with laptop, debit card and the entry key to your accounts is not what I would consider safe at all. The first two are mandatory, the latter an annoying and pointless requirement from a brainless bank to access your own accounts (nearly as dumb as HSBC’s need to use a cheque to withdraw over the counter over your daily ATM limit.)

And here is where the story gets interesting. My PINsentry suddenly died early last week. When they send you your PINsentry they don’t tell you that you cannot get a new one straight from a branch, they can only post it to you. When I let them know that the thingy died, the answer came as “it sometimes happens”.

I could not wait, I had to check the account as soon as possible and I asked her whether I could not just stop by a branch and pick up one. She replied that “some branches had them in stock, and some didn’t” and she could not tell me which ones did. See, that’s good in-house communication, isn’t it?

Apparently they send you a replacement in 4-5 working days. The lady on the phone told me if I couldn’t ‘on the meantime, ask a friend to borrow his’. Or the town librarian, the baker, or why not the vicar? I have seen him at their branch several times!

In all fairness, they made it in 3 days, but it was a Saturday and the account was already overdrawn.

Seriously, what was Barclays thinking when the whole PINsentry idea was put on the table? Do they really see it as something useful for the customer? Does it really add that extra security for online banking operations? Did and does the cost of making and distributing the devices really makes for lost revenue on online fraud? I doubt it.

What’s wrong with business decision making these days? And now, we are half-body into recession and these are the leaders who’ll veer the boat off the tempest?

May (any) God be with us.



3 Responses

  1. Massive increase in fraud crimes should make the government and banks realise that their data protection and Chip and PIN systems are diverting rather than deterring fraud crimes.

    This shows that fraud will continue to grow until they exploit KEY and PIN system described on website http://www.xwave.co.uk which will deter BOTH identity and card fraud by making signature and PIN systems reliable and foolproof.

    Fake documents have made our signature system unreliable while skimmers and pin-hole cameras etc. have made PIN system unreliable. We have option to make signatures reliable by personalising them with ID stickers and option to use Card Key Code to make PIN system reliable to make use of stolen and skimmed cards meaningless. By ignoring to exploit this system banks are only letting fraud crimes grow.

    ID KEY system will eliminate the need for us to protect our personal and card details since fraudsters will be deterred from misusing these stolen details.

    Proposed ID KEY can be treated as a reliable international ID card because it will personalise signature and PIN number to only the right individuals in any country.

    We hope that the government and banks will appreciate these details and exploit KEY and PIN system before it is too late to stop a fraud boom.

  2. Roger,

    Spain has one of the lowest card frauds levels in the EU.
    I know it is annoying having to pull out your ID every time you want to purchase something, but some card issuers include your picture on the back of the card, saving you the trouble.

    No need for fancy gadgets and population-wide IDs and chip&PIN readers (marketed and sold my Ingenio and Barclaycard itself).

    Over the counter transactions solved with just inserting a picture on the back of the card. Done and dusted. As far as I know, other European countries have the same options.

    In terms of online card use, I am not an specialist, but giving away skeleton keys for any electronics geek to meddle with, doesn’t sound the sensible thing.

    Verisign sounds and works good for me, but I guess that that means extra revenue for Visa and banks are not keen to get on the wagon even at a lower online fraud.

    At the end of the day, everything is down to the bottom line, if enhanced security=higher costs for bank we will see doom headlines but no action.


  3. […] while back I already wrote about the inconvenience of their PINsentry invention, and how the ill-thought experiment cost me more than my share of stress for the sake of security […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: