Frustration

[Michael GilliganParticipant @michaelgilligan61133]

Posted by SillyOldDuffer on 17/09/2022 10:08:13:

[…]

Unfortunately, proving identity can be quite difficult, […]

.

Especially when the Authorities discourage us from copying our Passport or Driving Licence !!

MichaelG.

[An OtherParticipant @another21905]

SOD – to rephrase your comment:-

Why should a "Ruritanian" resident risk being conned into having his money transferred to the UK just so a small number of Brits can operate UK bank accounts without having to prove who they really are?" – my comment is as valid as yours. The EU has banking rules, to which all banks within the EU bloc have to conform, with extensive checks – what is your evidence that these checks and balances do not work? My 'Ruritanian' bank certainly has given me no reason to doubt their security (and I have to prove my identity, place of residence, and source of income annually, as does my wife).

Quote – "If ex-pats don't have to prove identity, guess who the local mafia will pretend to be! And why should UK citizens put up with terrorists transferring money into the UK so they can set up an outrage?"

Where did I say ex-pats (and UK residents) should not have to prove identity? Of course this is necessary, but as Kiwiman and myself have found out, it is apparently designed to be both difficult to carry out and possibly insecure anyway – our complaint was about the failure of the banks identification system. And do you really believe there is no "Local Mafia" in the UK?

There have been repeated reports in the media that Britain is one of the larger centres of money laundering and illegal financing, which can be used by terrorists – however, you have gone off thread – Kiwimans original post referred to the difficulty of proving his identity – nothing anywhere about financing 'an outrage'

What is your evidence that 'foreign' banks are any less secure than 'UK' banks? As a UK national who has lived in many European/African countries in my 75+ years, I have no reason to believe UK banks are any better than any others, and frequently worse.

Why do you make the unfounded comment that "The EU is only a couple of years behind "?. I have accounts in Germany for over 40 years, as I noted. When I left Germany over 15 years ago (but retained my German bank account) they started at that point to ask me to confirm my identity at regular intervals, without creating the confusion the UK bank caused. Far from the UK being ahead in these matters, they lag badly.

If an institution wants to implement something such as an identity check, but then for 'security reasons' does not want to explain what is wrong when it doesn't work, then how does that 'work' – how can you resolve the situation? Why should the 'good guys' understand what is needed any more than the 'bad guys' – i would say if a 'bad guy' is prepared to break this systems, then he will make sure he know more about it than the 'good guys'

Finally, I would point out that I described my experiences to try and provide some information to help KIwi Bloke, not as a guide to bad banking. My conclusion was that perhaps he could contact his banks Customer Representation, and get some help, as I did. That help consisted of the Customer Representation agent investigating the problem with the papers I submitted in an attempt to comply with their legitimate request, and eventually notifying me that there check process had failed – telling me what was wrong with the documents, in effect.

[Tim StevensParticipant @timstevens64731]

I can offer a possible reason for passports to say the town (etc) of birth but not the country. In the last 100 years many country borders have changed, but fewer town names have. So, if the border of eg Poland changes (as it has been known to do) your passport still remains a true and up to date statement, even though the town was in Russia and then in Germany for a while.

Quite how this helps regarding Bombay and Mumbai I cannot explain, though. Other confusions are available.

Cheers, Tim

Edited By Tim Stevens on 17/09/2022 15:44:34

[Mike PooleParticipant @mikepoole82104]

The process of proving identity seems to hinge around having a birth certificate and the endorsement of a reputable person who has a public identifiable position. One you have a passport or driving licence you exist. Would the services of a notary public or similar role in NZ not be able to satisfy the requestor of your ID, this costs money in the UK though. Unfortunately business and government are not too bothered about people who can’t or don’t wish to embrace technology systems. Although my finances are in a solid position I fail identity checks that rely on a credit check as I do not use any credit services.This has inconvenienced me when I had to visit my mothers bank with various paperwork to confirm my ID as an executor for her estate. I do feel that business and government agencies should have a workable non tech. option as there is a significant segment of the population who do not own computers or smart devices. A friend down the pub was unable to complete the online boarding check in for his flight to France to visit his brother, I completed it for him which saved him the charge for airport check in. I am happy to use most tech at the moment but as the years tick by it does get more difficult. Fingerprint and face recognition does mean I don’t click the forgotten password button so much these days.

Mike

[BazyleParticipant @bazyle]

Another pain in the … is the assumption that because you have internet access you must have a mobile phone signal in your house not standing on the roof to get the confirmation code.

[Bill PhinnParticipant @billphinn90025]

Mike's post gets to the heart of the matter.

The banks, and increasingly government agencies, have a huge incentive (saving money) not to offer non-tech options with anything. So they let computers do all the work. But if the security algorithm determines you are dodgy, the algorithm shuts you down, and the task of reversing the computer's verdict or even appealing against it is immense and by no means guaranteed of success.

There was a case in the news a while back illustrating how appalling all of this can be for the individual affected.

A reader's comment on that article sums up the absurdities that can result from banks being overly reliant on computers:

"This happened to my wife – she took out a £25K loan from Barclays…..and it was deposited into her Barclays current account. Then bang – account closed and monies in it confiscated and she then had to prove that the £25K deposit was from a legitimate source. Massive sigh.
It took 2 weeks to sort it.. incompetence in the extreme."

 

Edited By Bill Phinn on 17/09/2022 17:19:41

[SillyOldDufferModerator @sillyoldduffer]

Posted by An Other on 17/09/2022 13:53:54:

SOD – to rephrase your comment:-

…

 

Oh dear, I see I've been misunderstood! Were my earlier posts on this subject read?

I'm explaining the problem, not poking particular banks or countries.

Bank security isn't the issue being addressed by identity checks. The problem is banks enable crime by setting up accounts without adequate identity checks. They're not criminal themselves. Outrages occur because it's too easy to transfer money anonymously. UK banks are as bad as any other and yes there is organised crime in the UK, just like everywhere else in the world.

Likewise I explained why proving identity is harder for those who happen to live abroad. I submit Kiwi has bumped into a system that doesn't deal well with outliers. Many organisations mishandle anything out of the ordinary, and it's extra difficult if the conversation takes place over borders and time zones. Not a criticism of local facilities or customers, it's just that if the required proof isn't provided by customer, the next stage is a communications breakdown. It's not because the system is 'designed to be both difficult to carry out and possibly insecure anyway', it's because the system doesn't match all circumstances.

Again, I was explaining why a security check might be unhelpful. It's a fact. A common example is what happens when a customer gets his PIN repeatedly wrong whilst using an ATM. The machine doesn't make helpful suggestions – after one too many mistakes it eats the card! I agree the unhelpful approach is tedious and annoying, but there's good reason for it – money isn't dispensed unless the card holder proves he knows the PIN.

The EU is a few years behind the UK based on when the legislation was enacted, 2017 versus 2018. However, what countries have done and when they did it is all shades of grey – many misalignments and leapfrogging. However, the thrust over the last 30 years has been to make the rules governing proof of identity ever tighter. Unfortunately, changing the rules is always likely to inconvenience some legitimate customers. For example, whilst I'd bet the farm DMB and his club are all thoroughly respectable, the bank can't show that's true unless evidence is provided, which ruins the club treasurers week!

No one is automatically above suspicion.

Dave

 

Edited By SillyOldDuffer on 17/09/2022 19:41:26

[DMBParticipant @dmb]

S.O.D.,. Yeah! It did wind me up at the time.

Recovered, found what looked like an easy, logical answer to the questions. It is aimed at ascertaining if the club is any sort of financial institution/organisation or a non profit organisation. Name and addresses of club and Treasurer and a sogned declaration that info is accurate. What a let out! Umpteen optional answers, mostly NO because we're not financial institution or entity. How bloody annoying for a small club of 55 members to be dragged into such red tape. As always, a few black sheep spoil things for everyone. Doesn't end there, new form for every change of Treasurer in future years.

"YBA" John

[An OtherParticipant @another21905]

Hi, KB – I probably didn't make it clear in my posts – I had to shorten what as a long story for obvious reasons, and I see I may have not made it clear – The photographs (all the documents in fact) I sent had to be stamped and signed by a notary public or 'other responsible person' (hence my comments on the reliability of said persons. It is a common practise in this country). That said, like you, I am totally unable to understand why they should 'prove' anything. All it means is that the notary is confirming that the picture he has 'guaranteed' is of the person who is standing in front of him at that moment – as soon as he leaves the room, it is invalid, much like a UK MOT. However, this was what the bank requested (amongst other things), so perhaps you could explore that possibility.

I also agree with you that you get an endless runaround from telephone script-kids at the bank. If a phone call doesn't work, I found a registered letter to the appropriate manager/director may work. These addresses are often on their website, or other documentation, I don't know about NZ, but in most of Europe (and even the UK!), bank officers addresses must be public – even if they are hard to find sometimes! I have tried long and hard to find other ways of applying pressure, but no success   – I'm beginning to think the old sock under the mattress had something going for it!

SOD – I read your posts – I didn't misunderstand them. Have you read and understood mine? You will note my bank eventually accepted my documentation with no reflection on either me or the conduct of my account – so I have to ask why you believe an account used to allow a small pension to be paid due to British inflexibility would be of any use to 'Terrorists' or any other person trying to misuse it, and why you seem to think I am operating a nefarious account?. I'm sorry, but I think your lack of imagination and experience in this subject is apparent, (have you ever had a Non-UK bank account)? You introduced several 'urban myths' into the discussion for some reason. You would encourage more useful comments by refraining from diversionary tactics.

The PIN card being eaten is a very poor example of failing to provide information as a means to improving security. You have a PIN number so it provides a measure of security to the user ("My PIN Number – my card". Its not brilliant, but another step in improving said security. I have no problem with this – I would not like to think I lost my card, and someone who found it could put it to nefarious purposes, so I have no problem with the ATM 'eating' it after several attempts at use. A call into the bank will restore it to you unless there are exceptional circumstances. The only time this happened to me was in England, and the reason given was 'I had not used the card for a long period' – some reason!

I explained to you that my German bank had implemented some measures which the UK banks had not. You appear to think these measures instantly come into being when legislation is enacted – all these techniques have been use for many years, and the EU enacting regulation simply formalizes it. Its easy to look up the relevant stuff online – it means nothing in many cases, since it happens long after the event.

So once again: I, and others, are trying to help Kiwi Bloke by relating our practical experiences, and how we tried to deal with them – you introduced all these irrelevant 'urban myths' relating to bank security for some reason, so I will leave you to believe what you will – hopefully you never have the same worrying experience of KB and myself.

Edit to remove useless emoji – and again for same reason. Third time – can't get rid of the confounded things – sorry

Edited By An Other on 18/09/2022 10:49:59

Edited By An Other on 18/09/2022 10:51:02

Edited By An Other on 18/09/2022 10:52:04

[SillyOldDufferModerator @sillyoldduffer]

Posted by An Other on 18/09/2022 10:46:21:

…

So once again: I, and others, are trying to help Kiwi Bloke by relating our practical experiences, and how we tried to deal with them – you introduced all these irrelevant 'urban myths' relating to bank security for some reason, so I will leave you to believe what you will – hopefully you never have the same worrying experience of KB and myself.

…

Urban Myths eh? Strong stuff. I try hard to be factual and always admit mistakes. Not necessary in this case!!!

Possibly a collision of philosophies. When problem solving I find it useful to understand why things are as they are. Works better for me than addressing symptoms without worrying about the cause or circumstances. To me, understanding how systems work and fail in a case like this is more useful than taking random shots at the problem, though suggestions are always welcome.

With all due respect to practical advice, what's practical in Eastern Europe many not be practical in New Zealand. We already know what's practical in the UK doesn't help Kiwi because he can't turn up in person with his supporting documentation. A major part of Kiwi's problem is that the identity check system he's struggling with is in the UK and he isn't, plus he doesn't have a passport.

Also with due respect, my PIN ATM example has been misunderstood. Consider what the ATM should do when the customer makes a mistake and why. The system could be helpful, perhaps telling the customer which digit is wrong and allowing endless retries. In practice ATM don't help customers that way because clues make it possible for crooks to work out the PIN by process of elimination. Instead, when the card is eaten, the customer has to jump inconveniently through the hoops necessary to get a replacement. Proving identity is a similar security problem: I suggest an identity check system should explain what is needed but not what the person claiming identity is getting wrong. The purpose is to prove identity, it's not a straightforward transaction designed to make the customers life easy.

Another way of gaining insight is to reverse engineer the question. If we were put in charge of making sure all bank accounts were solidly linked to a traceable individual, what questions should be asked, and what help should be provided if the answers are wrong? Before deciding what help to provide, we know a significant number of accounts are held by liars to be rejected, and that some accounts are legitimate but held by people who can't easily prove who they are. At some point the system has to say no, and it mustn't be easily fooled.

Security systems are tough on customers who can't answer the questions because the system's purpose is to provide a high standard of assurance. It shouldn't relax the rules to help outliers just because they can't answer the questions. I think the fault here is the banks assumption that the third party has covered all the bases, and they haven't. The cure is to either find a way of making the online system happy, or to circumvent it by contacting the bank directly and persuading them.

We all agree it's a pain. Surely it helps to know that the system isn't deliberately designed to inflict unnecessary bureaucracy and that there's good reason for it? I agree the system is imperfect.

Dave

[An OtherParticipant @another21905]

Sorry, SOD – once again you have not read my posts – please refer to my first post in this thread, which describes the problem as being identical to that experienced by Kiwi Bloke – I fail to see what me living in Eastern Europe or Kiwi Bloke in NZ has to do with it – as we have found out, it is entirely due to apparently unworkable UK rules, not local national rules.

I also believe you would be hard put to it to find people who are entirely happy with the service from their banks. Consider that the banks are (first and foremost) in business to make money, but they have to do this by providing customer satisfaction – how many people do you know that have a problem with some or all their bank services? They use our money – we are entitled to effective service in return. I'm really not interested if they are driven by rules and regulations passed by Governments – we, the customers, have every right to demand that faulty services such as I/KB experienced are either rectified or changed – I certainly will not sit still while they dump all over me, because in most cases, I never agreed to their imposition of badly thought out rules and ideas.

I would like also to say that I believe this thread has dragged on to no useful purpose. As I said much earlier, perhaps your input was relevant, but what help is it to Kiwi Bloke?

I believe that is one of the eternal problems of this forum – it has been from the day it opened for business, when I made my first post – it is highly prone to attracting long, often uninformed treatises which are of little direct help to anyone – and I do not claim to be innocent of this. I agree that an understanding of things could be useful, but I also think that KB wants advice on what he could do. I suggest your input would have been better in a separate thread. I have no wish to suppress informed discussion, I just wish it was a little more 'directed' and useful than it frequently is. I once complained (years ago) about irrelevant postings, and promptly received unpleasant abuse, amongst which was a directive 'read only the stuff which has relevant information'. I'm still working out how I can do that without reading all of the postings, given that so many go off track.

My own personal 'hate' is unsupported statements – akin to 'fake news', which is why I challenged some of your statements. I do not accuse you of making incorrect statements, but you have said many things, and provided no supporting evidence, whereas KB and myself were involved in a practical position. You are not the only person who does this, nor, again, am I innocent of this, but there comes a time…. I'm interested in reading helpful posts – there is more than enough useless stuff to be found elsewhere.

Edited to add:

Here endeth my input. – good luck Kiwi

 

Edited By An Other on 18/09/2022 19:57:18

[Kiwi BlokeParticipant @kiwibloke62605]

Update, and apologies for flogging a moribund donkey.

The bank's 'one size fits all' approach to ID verification isn't fit for purpose in all cases. Not surprising, but there seems to be no flexibility and no interest in retaining account-holders (50 years, in my case) who are in any way out of the 'ordinary' (which means easy to deal with). The only way to establish communication, having exhausted the script-reading waffle of the 'phone 'advisors' is to raise a complaint. I wrote (snail mail) on 24 Sept. I'm told that my file shows no record of any letter having been received.

This UK account is valuable to me because Premium Bond wins can't be paid into overseas accounts any more (why the hell not?), and NZ banks have declared cheques obsolete. I have a full holding of Premium Bonds, so can't use the 're-invest' option. I suppose I could try to redeem a chunk, and re-invest future wins, but how would I deal with the million pound prize that's coming soon?

The problem is that it's too easy for bureaucrats to fiddle with things, and then hide behind the barricades that organisations erect against being made to take responsibility for their actions. Grrr!

[Speedy Builder5Participant @speedybuilder5]

All I can say KiwiBloke, you are lucky the bank hasn't told you to close your account. After BREXIT, Barclays Bank is closing accounts of "Europeans" if they don't have a UK address. Yes most of us could offer an address of someone in the family, but that is not strictly legal. AND Barclays are not on their own in closing accounts.

Bob

[CirclipParticipant @circlip]

A few years ago, I tried to set up an account with the HSBC. This was to enable a colleague in the Fiddlepines (His description) to transfer on occasions, funds for me to purchase model engineering items a post (Royal Mail) out to him. Why not him do this direct? Cos many suppliers wouldn't do this. After discussions with various bank officials, they refused me on the strength of the POSSIBILIY of it being used for money laundering.

Recently had to verify my identity via scans of passport and driving licence. Passport was fine as I already had a scan of this BUT Driving Licence was rejected because it wasn't scanned in COLOUR. This was to 'Allow' me to set up an account to send a cheque to them. This was to ensure that this would be sent to them via first class mail (?) to arrive within 24hrs of order otherwise, possibility of them cancelling the order. Delays due to PO strikes NEARLY caused this.

Regards Ian.

[Gary WoodingParticipant @garywooding25363]

My wife and I have a joint account with NatWest; we both have Debit cards for it. A month or so ago we each received notification that our Debit cards had been changed from Visa to MasterCard and would have to be activated within a few weeks of receipt. The few weeks elapsed and I took them down to the bank. I activated mine OK, but my wife's gave an error – she had given me her old card. I phoned her and she was adamant that her replacement had not been received. I spoke to the bank teller to request a new card, but was refused because the old card had my wife's name on it. Same surname as mine, different first name. It's a joint account but, according to the bank, they can only issue a new card to my wife. Data protection?

[John Doe 2Participant @johndoe2]

Posted by Bazyle on 17/09/2022 17:13:56:

Another pain in the … is the assumption that because you have internet access you must have a mobile phone signal in your house not standing on the roof to get the confirmation code.

I remember years ago a colleague asked on our work forum which was the best mobile network, (UK). I answered vodafone, since they do have the best network – from a radio coverage point of view. I got flamed because it wasn't the cheapest, or the one with the most pointless freebies or add-ons.

But in 24 years with vodafone I have always had a signal when I needed it apart from literally a couple of times in remote locations. Most of the time the vodafone network is very reliable. (Just a happy customer).

These days cellphones have a setting to enable them to use your house Wi-Fi to make and receive phone calls. Well iPhones do, I would assume other makes do too.

Regarding the OP's problem; is there not a neighbour with a camera phone or web camera who would let you use it for half an hour and a couple of beers? Or your local library or internet café perhaps ?

.

Edited By John Doe 2 on 18/10/2022 15:28:48

[DMBParticipant @dmb]

Referring to my previous posts and being mentioned by one or two posters, date of first letter from Lloyds was 5/7, second letter 22/9, 48 day turnaround. When I supervised a correspondence section in my younger days, I would had my rear end kicked long before I responded to customers in 48 days. Given the time of the year, holiday s were hopefully the reason. As it's now a further 57 days, am hoping that I've cracked it. I have studied that form at length and cannot see any other possible way that it could be filled in, given my clubs circumstances. So, fingers crossed!! Needless to say, I kept a copy of both attempts. The second letter only said which questions I had not answered and that was because I thought they were irrelevant.

John

[OldironParticipant @oldiron]

Posted by Bazyle on 17/09/2022 17:13:56:

Another pain in the … is the assumption that because you have internet access you must have a mobile phone signal in your house not standing on the roof to get the confirmation code.

Been through this today with BT for a friend. He lives in a "notspot" so texts are very difficult to get. But BT although they admit reception is bad in his area still insisted on texting a code to him so he could confirm his identity. The code never arrived so that job has stalled untill he takes his laptop & phone to another location to complete the process.

regards

[Kiwi BlokeParticipant @kiwibloke62605]

Oldiron provides yet more evidence that the machinery of the modern world has been designed by, and is being operated by, idiots.

NatWest has devolved the ID 'verification' to HooYu, and presumably thereby hopes to insulate itself from responsibility when HooYu gets hacked. (Note 'when' not 'if'&#39. Previous posters, and the bank's 'phone script-readers have suggested that I use someone else's 'phone or web-cam-equipped laptop to complete HooYu's ID 'verification' (pause for laughter) process.This is completely missing the point, which I thought I made clearly enough at the beginning of this sad little thread. The process is flawed.

What mechanism do money launderers frequently use for their nefarious purposes? They pretend to be someone else. This is facilitated by their stealing or buying someone else's identity. What information is required by someone intent on stealing your identity? Let me think. Oh yes, information about your identity, the more detailed and 'official' the better. Therefore the transmission of detailed identity information, such as passport info, etc. should be by an as secure as possible process.

Is the internet or the mobile 'phone network an inherently secure system? I don't think so. One can take steps to reduce risk, by taking care that your device is not compromised. You could be hard-nosed about this, and say that security is therefore your responsibility. But we ordinary mortals don't know enough to ensure security, and crooks are clever. It has recently been reported that perhaps 40% of Australians have had their identity information compromised by a single attack.

Thus, the suggestion to use someone else's, or a publically-accessible device is preposterously stupid. There is no way to have any confidence that the unknown device had not been compromised. 'Man in the mobile' and 'man in the browser' exploits are said to be undetectable by the user at either end of the link, and this type of exploit is considered the greatest risk to internet banking. Using a possibly compromised device lays one open to identity theft by 'man in the middle'-type exploits. Thus the stupid bank is suggesting something that increases the risk of identity theft, and thus facilitates money laundering!

Someone please tell me I'm wrong!

[SillyOldDufferModerator @sillyoldduffer]

Posted by Kiwi Bloke on 19/10/2022 07:18:09:

Oldiron provides yet more evidence that the machinery of the modern world has been designed by, and is being operated by, idiots.

… Previous posters, and the bank's 'phone script-readers have suggested that I use someone else's 'phone or web-cam-equipped laptop to complete HooYu's ID 'verification' (pause for laughter) process.This is completely missing the point, which I thought I made clearly enough at the beginning of this sad little thread. The process is flawed.

…

Is the internet or the mobile 'phone network an inherently secure system? I don't think so. One can take steps to reduce risk…

But we ordinary mortals don't know enough to ensure security, and crooks are clever. It has recently been reported that perhaps 40% of Australians have had their identity information compromised by a single attack.

Thus, the suggestion to use someone else's, or a publically-accessible device is preposterously stupid. There is no way to have any confidence that the unknown device had not been compromised.

…Thus the stupid bank is suggesting something that increases the risk of identity theft, and thus facilitates money laundering!

Someone please tell me I'm wrong!

I suggest Kiwi is right, but goes a step too far in assuming the 'stupid bank' is insisting on a pointless step. The point is well made that 'ordinary mortals don't know enough to ensure security'. It applies in both directions! Not many customers understand what banks and businesses should do about security. However, it's reasonable to assume a bank employs security experts, who do know what they're doing, and will come up with something practical.

There's a hair in the soup. Computers aren't automatically secure and being connected to the internet means they can be attacked by any other computer on the internet. Also, because computer security costs money, it's all too likely that someone will choose not to spend it. If I remember correctly, Australia is a good example of this. When the government announced they were going to legislate to protect data, they were lobbied by a business community keen to keep costs low. This fitted quite well with the political belief that people should look after themselves, but missed the point that a big law firm with sloppy computer security would lose all their customers data and the customer could do nothing about it even if he was a tough. The UK system is stronger, but in my opinion also badly flawed. Here organisations who loose data are fined after the event, potentially heavily, but the customer is still shafted. Perhaps the main advantage of the UK system is that the size of the fine indicates how much a business should spend on security, which isn't nothing! I'd prefer a pro-active system, in which businesses have to meet standards and are subject to unannounced spot checks.

However, computers are no different to any other form of security. We often do things that need to be protected from dishonesty and negligence. Life is risky, making it always necessary to take reasonable precautions. Trouble is what's 'reasonable' depends on the risk, which isn't easy to judge. Kiwi feels providing a live picture by insecure means is dangerous. Although I agree he's 'not wrong' I think it's the bank who are taking the risk that Kiwi isn't Kiwi! From a security point of view a live photograph certainly isn't conclusive, but it adds to the overall evidence that the bank are dealing with an identifiable individual. And remember they're meeting a legal requirement to tighten up on dodgy bank accounts, not trying to prevent all forms of cybercrime!

So I'd go along with it because getting into a frustrating fight with faceless bureaucracy risks apoplexy. Don't forget to say 'cheese'.

Dave

[Kiwi BlokeParticipant @kiwibloke62605]

SOD/Dave, I was hoping for your input. Thanks, always interesting to read your contributions.

I chose my words carefully, when I called the bank 'stupid'. Stupid in the sense of unintelligent. Unintelligent enough to realise that a 'one size fits all' approach isn't appropriate. There are many alternative ways of 'proving' identity, which are acceptable in UK law, but NatWest has devolved this task to HooYu, which requires it to be done live, on the 'net or by cell-phone. There is no alternative. Is this not stupid? (Cynically, I suppose that, from the bank's perspective, this is pretty smart, but you know what I mean.)

Also, this is the bank which didn't raise an eyebrow when bin-bags of millions of pounds of cash were deposited nefariously. So yeah, stupid!

Can anyone please explain to me how going through a process of sending a live photo of eg a passport (which I don't have), followed by a live 'selfie' establishes me as who I claim to be? In other words, does this reassure NatWest that it is in fact me, to whom it has been sending statements, cards, etc. for over 50 years? Surely it's only useful if the photos are 'validated' against a database of existing photos. I assume that part of the purpose of this exercise is the building of such a database. Big Brother is alive and well, and working for HooYu, and any other data-gathering outfit you care to think about.

Edited By Kiwi Bloke on 19/10/2022 10:57:30 (typos and brain-fade)

Edited By Kiwi Bloke on 19/10/2022 10:58:59 (finger stumbles…)

Edited By Kiwi Bloke on 19/10/2022 11:00:38

[Michael GilliganParticipant @michaelgilligan61133]

It looks like you will have a struggle, Kiwi

This is a frame grab of the hooyu landing page, this morning:

.

.

MichaelG.

[Kiwi BlokeParticipant @kiwibloke62605]

That's frightening, Michael! Imagine how difficult it would be to clear your 'name' if this outfit, with ever-further-reaching tentacles, blacklisted you. Nowadays, it seems that you are blacklisted by default, until some 'security' outfit deems otherwise.

For those who think that worrying about this sort of thing is only for the conspiracy theorists and tin-foil hat wearers, remember the Crypto scandal. This was a Swiss firm that for decades after WWII supplied encryption machines to many governments across the globe. Eventually, it was discovered that the CIA owned and controlled the firm, and that machines supplied to over 100 countries were compromised, allowing the CIA to read their output. Now, it's been reported that another, smaller, similar company, Omnisec, is also a CIA operation. Constant vigilance! Trust no-one!

If you were a well-resourced organisation (or unfriendly country), intent on gathering as much personal data as possible, on as many people as possible, where would you direct your efforts? Wouldn't HooYu be a prime target? Let's hope their security defences are impregnable. What's the chance of that?

[Michael GilliganParticipant @michaelgilligan61133]

This is all rather glib: **LINK**

https://www.natwest.com/current-accounts/ID-verification-HooYu-details.html

MichaelG.

.

German word of the day = glibberig

Edited By Michael Gilligan on 19/10/2022 21:18:14

[Michael GilliganParticipant @michaelgilligan61133]

… and, of course, our though-provoking Latin quote of the day must be:

**LINK**

https://en.wikipedia.org/wiki/Quis_custodiet_ipsos_custodes%3F

MichaelG.

[Author]

Posts