Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Debit card authentication

  • 19-04-2022 10:55am
    #1
    Moderators, Motoring & Transport Moderators Posts: 6,522 Mod ✭✭✭✭


    Ok, so I am using my phone to make a booking and pay by debit card. After entering all the relevant details on the relevant site, it tells me that I'm going to get authentication request, which is not unexpected these days.

    So, the question, why do I have to go through effectively a double authentication?

    I get a pop up, and it asks me to swipe to authenticate the transaction, and having swiped to say I approve, I then have to log in to my online banking with my pin to effectively authenticate a second time for the same transaction.

    I get that you want to be secure, but this is gettting to be more than a bit ridiculous, you've looked up my phone details from your system, made a relevant connection and got me to confirm the transaction, why is it then necessary to confirm a second time that it really is me that's doing the transaction, given that you've been able to get a successful swipe authentication already?

    Shore, if it was easy, everybody would be doin it.😁



Comments

  • Closed Accounts Posts: 1,293 ✭✭✭Bank of Ireland Reps


    Hi there,

    Thanks for getting in touch with us and we appreciate your feedback.

    Entering 3 digits of your 6 digit pin is an extra security measure that is in place to conform with Strong Customer Authentication.

    This is in place to help prevent fraud and ensure it is the account holder who is making the transaction.

    Please see attached here for more information on this.

    Thanks,

    Declan



  • Moderators, Motoring & Transport Moderators Posts: 6,522 Mod ✭✭✭✭Irish Steve


    OK, so let's clarify a few things here. First, I don't have an issue as such with SCA, it does indeed provide an additional level of security to prevent fraud.

    Where we are going to have to agree to differ is your definition of SCA, in that as processed today, I end up doing effectively a double SCA, the first being a swipe that says it's going to approve the transaction, which effectively it doesn't, in that after that's been done, I then have to wait while the BOI app loads, enter 3 digits of my PIN, which is not always immediate because of an ongoing and previously reported issue with the way the app accepts the digits of the PIN , and only then can I return to the vendor site to confirm that I've done the approval, and getting back to the vendor site page is not straightforward because of the way that Android doesn't close apps that have completed their processing.

    If I was buying €10,000 worth of stuff in China from a possibly unknown supplier, then yes, this level of paranoia is probably appropriate. Me paying Dublin Airport Authority €12.00 for car parking does not justify the same level of annoyance to approve the transaction.

    If I was doing the same transaction at an NFC capable device, there would have been NO checks as such, and with Google Pay it's even easier, and for a transaction below WiFi limits, which this was, having to go into the app and enter the 3 digits of PIN should be more than enough to be able to approve the transaction, going into the swipe option and then having to go into another level of approval for a transaction of such a low value to a known local supplier is not a meaningful security check, it's an annoyance that is going over the top.

    Shore, if it was easy, everybody would be doin it.😁



  • Registered Users, Registered Users 2 Posts: 4,077 ✭✭✭3DataModem


    I just sent 70k AUD via Revolut, using their SCA, which is SO much simpler to execute (and actually more secure).

    It is very tempting to ditch traditional bank apps in favour of the fintechs, for exactly reasons like this.



  • Closed Accounts Posts: 1,293 ✭✭✭Bank of Ireland Reps



    Hi Irish Steve

    Thanks for coming back to us on this.

    We will certainly pass on your experience and views internally to the App Team

    Thanks

    Alison



Advertisement