Skip to content

Password Security – Banks won’t pay for credit card fraud – if Mobile or Kindle is stolen


Remember that blog I wrote about the top 10,000 passwords would crack 98% of all accounts. Well the banking industry is now set to use that to deny claims for fraud.  If your password is easy to guess, eg your year of birth, then you are not insured for fraud starting January 2013.

This is the time to start looking at password security – and take accountability for easy to guess passwords, as you won’t be insured.

Customers could be liable if they use a PIN that can be easily guessed or the bank decides they have been careless and allowed a criminal to see the number at a cash machine.

It must not be a number that can be easily guessed, such as a year of birth.

This means that those who have difficulty remembering numbers – for example the elderly – and so stick to a single PIN for a range of services could find any claim against fraud is rejected.

The new rules even extend to how customers use and secure their mobile phones, with a requirement that they have a password to activate their handsets.


Any customer who finds their mobile phone is stolen and then used to access their current account will find the bank can reject any claim for compensation unless it had password protection.

The moves have been condemned as ‘unfair’ and ‘unreasonable’ by a card security expert.

Ross Anderson’s Comments:

Last night card security expert Professor Ross Anderson, of the Cambridge Computer Lab, accused banks of trying to shift the cost of card fraud on to customers.

If Santander want to ensure that weak PINs aren’t used then they must issue random PINs to customers and not permit PIN change. That’s the line followed by some banks in Germany.’


In conclusion:

* Reset passwords on your mobile first.

* Reset passwords or disable Amazon Kindle Accounts Next

* Reset banking password

* Set up “rings of defence” – this is called “Defence in Depth”

* Pervasive computing means all those devices like Kindle, which can access your bank accounts… need to be heavily protected.  Maybe notify Amazon that no purchases via Whispernet are authorised and are deemed as fraud.  Print out that email, and keep it safe.

* Make sure the bank account password is different to that on your mobile or Kindle – or you won’t be insured.

  1. People who take out a online loan online or at a brick and mortar store are doing so because there is trouble in their budget.

    Online payday advance loans, however, do not have restrictions when it comes to use.


    • Pay day loans are currently under investigation in the UK – as they’re abusing their position.
      Interest rates of over 5,000% – bleed dry the average poor person, who is struggling with fuel costs, heating costs, electricity bills, – and certainly can’t afford 5,000% from a LOAN SHARK.
      They use bad tactics to get back their money.
      They’ll harass you and terrify you.

      Use these CRIMINAL loan shark companies at your peril.
      Sell stuff at a car boat sale,
      Sell stuff on Ebay – but DO NOT BORROW money from a pay day loan company… EVER.
      **RANT OVER**
      That’ll teach these bozo’s for commenting on a blog.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: