New Bank Of Ireland security requirement
- Thread starter cremeegg
- Start date
Got this email a few weeks back:
"Over the coming weeks, you’ll notice extra security when you bank online. When you log on to 365 online, you’ll be asked to set up a “security device” i.e. your smartphone or tablet. You’ll need this anytime you log in or carry out transactions online, for example, to make a payment.
We will send messages to your phone or tablet so that you, and only you, can confirm that it’s you logging on to and using your account."
Steven Barrett
Registered User
- Messages
- 5,327
From this week, anytime I want to log in from my laptop, I have to confirm the log in from my phone. The app on my phone updated a couple of months ago.
Their online offering was years behind everyone else. They spent a fortune in just catching up with the others. They only became available on Apple Wallet (and I presume Google Pay) with the upgrade.
Their online offering was years behind everyone else. They spent a fortune in just catching up with the others. They only became available on Apple Wallet (and I presume Google Pay) with the upgrade.
I have a family member who has a smartphone, but it's an old version of Android. The app needs at least Android version 6.
There doesn't seem to be any fallback option i.e. via SMS.
For the moment, can still logon via browser, old app is dead.
Not an ideal time to be changing phones.
I don't think there are any reliable app 'emulators' for laptops.
There doesn't seem to be any fallback option i.e. via SMS.
For the moment, can still logon via browser, old app is dead.
Not an ideal time to be changing phones.
I don't think there are any reliable app 'emulators' for laptops.
RichInSpirit
Registered User
- Messages
- 1,185
Phew, I'm not alone.
I was thinking that everyone else here had all this sussed out already and was a bit embarrassed to ask on askaboutmoney.com.
I found that you can access the previous site on this link https://original.365online.com/online365/spring/authentication?execution=e1s1
I was thinking that everyone else here had all this sussed out already and was a bit embarrassed to ask on askaboutmoney.com.
I found that you can access the previous site on this link https://original.365online.com/online365/spring/authentication?execution=e1s1
Just on that point, Im sure plenty of folk forget to delete Bank Apps from their phones before changing them, also as far as im aware, you cannot download the app to your new phone unless the original one is deleted.
@LS400 That's a good point. FYI though .... I have the BOI app on two phones - both work no problem. Same with the KBC app. The PTSB app I think only works on one device at a time. If u install and register on say phone B ..... it will be automatically deactivated on phone A. Not sure about AIB app.
I have never been prompted to change my password since I started with BOI Online about 24yrs ago!!
There is going to be a physical key you can get from bank of Ireland if you don’t have a compatible smart phone.
You can’t order these yet. When I contacted boi, they said they would contact those affected down the line (I.e. those who have not switched over to authenticating via the app)
its mandatory for them to do this and it is there to prevent you being a victim of fraud.
Sorry but I don't think "mandatory" is the correct term more like over cautious
BOI had a 3 step login process, Your unique "User ID", a security question and finally 3 digits from your 6 digit pin
And now we have to have an additional electronic device beside me when I want to check my account on a laptop
It reminds me of our quality control dept, where we had to employ a person to check the checker, then the idea was floated that we really should be employing a checker to check the checker, who was checking the checker who was checking the product, total overkill IMO
BOI had a 3 step login process, Your unique "User ID", a security question and finally 3 digits from your 6 digit pin
And now we have to have an additional electronic device beside me when I want to check my account on a laptop
It reminds me of our quality control dept, where we had to employ a person to check the checker, then the idea was floated that we really should be employing a checker to check the checker, who was checking the checker who was checking the product, total overkill IMO
NoRegretsCoyote
Registered User
- Messages
- 5,766
I am not a security expert, but the issue is that these are all just strings of text that people often write down in the one place.
The point of a token, or SMS verification, is that it is a different type of of authentication mechanism.
This makes it more secure.
But you'd be OK, with them not following best practice and leaving your acocunt open for hacking? Seriously!!!!!
Mandatory is exactly the correct term here.
It's Strong Customer Authentication, part of PSD2.
2 factor authentication is required to be compliant, that is 2 of the following items:
1. Knowledge - something you know (for example personal access code (PAC), password)
2.Possession – something you have (for example a phone / app, code)
3. Inherence – something you are (for example fingerprint, face recognition)
I could and most likely be wrong here but I thought that PSD2 only applied to electronic payments and doesn't necessarily apply to just logging into your account to check a balance,
why as JPD says can I log into my account with only my phone but with my computer I have to have a second electronic device like a phone
Surely if it's "mandatory" it applies to all ways of accessing your bank account??
why as JPD says can I log into my account with only my phone but with my computer I have to have a second electronic device like a phone
Surely if it's "mandatory" it applies to all ways of accessing your bank account??