A deaf woman who had over £8000 stolen from her bank account by fraudsters has become the latest symbol of the insecure practice of using phone numbers as proof of identity.
Her case could also be an indicator that banks’ standard responses to “authorised push payment” fraud may be changing, after media pressure forced Metro Bank to reverse its decision not to refund the stolen money.
The incident began when Louise Harte, a profoundly deaf Metro Bank customer, returned from a holiday to find her mobile phone was no longer working, according to a
With access to her voice calls and SMS messages, and apparently some prior knowledge of her bank login information, the scammers were then able to set up a transfer out of her account to one in their control, providing the “security” code sent via SMS to confirm the transaction. £8,371 was transferred out; a second payment was blocked as suspicious.
After a month of wrangling with customer service at both Three and Metro — the latter of which initially refused to let Harte's son participate in conversations as an interpreter — Ms. Harte eventually figured out what had happened and convinced the bank retrieve some £5,700 which was still accessible. The remained £2,671, she was informed, had been moved on and would not be refunded.
After coming under pressure from the Guardian, Metro then reversed this decision, returning the remaining stolen funds and offering compensation of £250 — which was rejected by Ms Harte, who described the payment as “derisory.”
The case once again highlights the inappropriateness of using
Many of the simple metrics banks have used in the past are simply not up to the job any more. Part of this shift is cultural — things like your mother’s maiden name or the name of your first pet/school/teacher are far too easy to dig up in the Facebook era — and part of this shift is due to past security lapses such as the
A recent statement from the U.K.’s financial ombudsman may also have had an impact on Metro’s eventual response. Chief ombudsman Caroline Wayman
With the Financial Conduct Authority in the midst of a major