Friday, 7 January 2011

The border between security and inconvenience

We are all used to undertaking a balancing act between security and incovenience. When we fly, we accept (for the most part) that it is necessary to go through all those hurdles to get to the plane, as long as they don't become too personal or take too long. On the news last night we heard how Christians in Egypt, about to celebrate Christmas, have had to install metal detectors at the entrance to their churches because of attacks by radical Muslims. Again, they might not be happy with the measure, but they think it is worth the inconvenience for the added security. Well, I've got an example where I don't agree.

It's nothing so serious or life threatening - just a matter of internet security. But it's very irritating. My bank (I won't name them, but the picture is a bit of a give-away) has recently introduced a system for business accounts where, instead of providing a second password, you now enter an 8 digit number generated by a calculator-like electronic keypad. To do this, you have to insert your bank card into the keypad, enter your PIN, read off the number and type it into the computer. If you try to make an online payment it is even more stringent. Here, as well as the PIN, you have to enter into the keypad the account number you are paying to and the amount to be paid.

When this was first mentioned, I was quite excited. I like a bit of technology, and it felt rather James Bond. However - I check my bank account every day, and after a few days it has become intensely tedious. Where with my personal account I can pop in the passwords in seconds, here I have to find the reader, dig out my wallet, get out the debit card, shove it in, and go through that process. It's a pain.

Furthermore, one of the great things about internet banking is flexibility. If I had an emergency, I used to be able to pull up my bank account on my phone screen and undertake a transaction even if I were giving a seminar in Edinburgh. Now, unless I think to take the keypad with me wherever I go (highly unlikely) I can only do my business banking from my desk.

Without doubt this is stronger security than the old system, but was the old system really so bad? If it is so bad, why is it still good enough for my personal account? The second password, where you have to select three random characters and enter them in drop down lists seemed pretty bulletproof. This is one example were the balance between security and practicality has tipped too far. I want my convenience back, please.

3 comments:

  1. Right there with you, Brian. Same bank, same issues. I honestly can't see why the need for extra security for business account over a personal account. As Hannibal Lecter once said, tedious, very tedious.

    ReplyDelete
  2. Perhaps, John, it's just that they are trying it out on the (many fewer) business accounts, and if they can get away with it will introduce on personal accounts too...

    ReplyDelete
  3. Interesting Brian...I bank with Barclays who have used this thing for personal and business banking for years. I like it because it makes me feel all warm and snuggly. We use it too for our business banking. We like the security it offers, but perhaps how much you value security depends upon your balance?

    ReplyDelete