Security Alert: Gaping Hole in Barclays Online Banking System

I have been using Barclays Online banking for as long as it has been available. I have been mostly happy with the service. Since the PINSENTRY feature was added I felt that the security had improved.

How to bypass Barclays online banking security

I noticed that you can completely bypass the PINSENTRY by taking an alternative route into your internet banking.

  1. Visit this URL: https://ibank.barclays.co.uk/olb/e/ForgottenCardReaderStandalone.do
  2. Supply the details in the form - BINGO - welcome to internet banking without PINSENTRY
  3. Now, ask yourself who else could do this if they had / stole your wallet.
    • if you think this is no one, read on
    • the correct answer is anyone can get into your Barclays Internet Banking

Forgotten your card reader OR stolen someone's wallet?

No problem, Barclays will let you into internet banking with 3 things which are in most people's wallets, or are data available to most of your colleagues, friends, family and fraudsters. See the form below - once this form is filled in you can set a password which will allow you into the web site to access your banking. Try it!

 

 

 

Anyone with your wallet knows these details

  1. The connect card details - easy on the card
  2. Surname - easy on the card
  3. Birthdate - easy, see my driving license

Therefore, there is no security on Barclays internet banking at all

Anyone could answer these questions? This information is not exactly private data.

  • My Birthday is on my driving license, in my wallet
  • Any member of your family, friends or even Facebook members can get your birthday. Totally insecure.
  • A thief who has got your wallet has your connect card number
  • My internet banking details are in my wallet, printed on a card Barclays supplied me with
    • The membership number is too long to remember unless you use the site very often
    • The internet banking number isn't even required!
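
The argument above, written out as a small threat-model check (an added example, not part of the original post): for each login route it works out which factors the holder of a wallet would still be missing. The factor names and the PINsentry route's requirements (card, PIN, reader) are assumptions for illustration; the fallback route's three items are the ones the post lists.

```python
# Added example: which login routes are fully satisfied by a given set of items?
# Factor names and the PINsentry requirements are assumptions; the fallback
# route's three items are the ones listed in the post.
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    name: str
    required: frozenset  # every factor must be presented to log in

ROUTES = [
    Route("pinsentry", frozenset({"card_details", "card_pin", "card_reader"})),  # assumed
    Route("forgotten_card_reader", frozenset({"card_details", "surname", "birthdate"})),
]

# What each physical item reveals to whoever holds it (constructed from the post's lists).
ITEM_REVEALS = {
    "connect_card": {"card_details", "surname"},
    "driving_license": {"surname", "birthdate"},
    "membership_card": {"membership_number"},
}

def knowledge_from(items):
    """Union of everything the holder of these items can read off them."""
    known = set()
    for item in items:
        known |= ITEM_REVEALS.get(item, set())
    return known

def assess(routes, items):
    """Return {route name: set of factors the holder still lacks}."""
    known = knowledge_from(items)
    return {r.name: set(r.required - known) for r in routes}

def open_routes(routes, items):
    """Routes with nothing missing; the account is only as strong as these."""
    return sorted(n for n, missing in assess(routes, items).items() if not missing)

if __name__ == "__main__":
    wallet = ["connect_card", "driving_license", "membership_card"]
    for name, missing in assess(ROUTES, wallet).items():
        status = "OPEN" if not missing else "needs " + ", ".join(sorted(missing))
        print(f"{name}: {status}")
```

The same check can be rerun with any proposed fallback design: a recovery route is acceptable only if no single compromise scenario leaves its missing set empty.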

What are you going to do Barclays? - nothing so far

This post has been sent to Barclays Internet Security via internetsecurity@barclays.co.uk for their immediate attention. Maybe I am missing something but I don't think so.

Barclays Head Office Contact Information

If you find this of concern why not contact Barclays Direct ...

Barclays Bank PLC
Head Office customer relations,
Level 10
1 Churchill place
London
E14 5HP

0800 282 39

or try the FSA 0845 606 1234



Comments

You're missing a lot really!

Even if you log on without the card reader you can only view statements and make first party transfers. This means a fraudster could only transfer money from your savings acc to your current acc and back again. I use the PINsentry system and am very happy with it and the extra security it offers.