My VISA debit card was recently compromised. For the n’th time. It happens every few years, with unauthorised withdrawals from my current account to mobile network operators and the like. The amounts extend to the tens of pounds, and are often preceded by £0.01 transactions to test whether the account is active and details correct.
One puts these security breaches down to card ‘skimming’ by unscrupulous shop workers, and insecure databases belonging to careless or worse online retailers. The money is returned, in time, but it can be a major hassle, and we all pay for banking fraud through increased account charges and diminished interest on savings.
The banks’ fraud detection systems are improving with time, and one shouldn’t complain about the odd false positive which leads to an annoying automated phone call detailing one or more suspect transactions. At least the banks are on the ball, which is obviously in their as well as our financial interests. But I cannot help thinking that the system contains some serious flaws.
Take, for example, my recent experience of the fraudulent extraction of fifty quid from my Barclays current account, with the main withdrawal of £49.99 preceded by one of those penny transactions referred to above. A ream of paper and handwritten ink and several weeks later, I receive through the mail a letter stating that the investigation is now complete, and the £49.99 has been refunded to my account. A day later I then receive another letter, announcing that the remaining £0.01 has been similarly reimbursed. A ‘WTF’ moment, and one among many that day, sad to say.
Why do British banks and other corporations insist on doing business this way, wasting time and money, both mine and theirs? It need not be so, and it is interesting to note that, in many respects, local and national government agencies are often more advanced than the private sector. As usual, Britain is a bit slow on the uptake, lagging up to a decade behind our European neighbours.
In Denmark, ‘e-government’ has been in operation for donkey’s years, and my bank of choice over there, the transnational Scandinavian concern Nordea, prefers to communicate with customers by electronic means. When wishing to contact me, the bank would send an email requesting that I login to a secure system, where there would be waiting for me a more detailed communication.
A combination of email and secure electronic messaging is every bit as secure as dead tree letters, if not more so, yet Barclays and other banks in the UK refuse to use email and encrypted online communication to discuss matters relating to specific bank accounts. Why?