So, it's 2018 and @HSBC_UK still send me text messages asking me to phone a number, where the verification process requires my card number, date of birth and postcode. Even after providing my card no they refuse to give me any indication they have any information from my account.
-
Thanks for the quick response! I phoned 0345 607 7088 (received by text message), and spoke to "Frankie". She asked for my full name and card number. I provided these as I had already done basic checks that the phone number was genuine. She then asked for my postcode and DoB.
I refused to provide these additional details, and gave poor Frankie an explanation to pass on to whoever designs the security schemes why I didn't think this was a good idea.
-
-
She asked me to phone the number on the back of the card, which is fine in my case. But my problem is that the approach sets a precedent where the genuine verification process is indistinguishable from a phishing attempt which would capture useful information.
-
I understand that you have to earn my trust, but I also have to earn yours. That has to come in a handshake process where you gain my trust as I gain yours, step by step. I don't want to hand over so much private information with nearly zero proof of who I'm handing it to.
- Show replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.