Banking Innovation
Well, sort of. The recent sale loss of my data by the Revenue prompted me to change my bank account this weekend. Not that I think I really needed to after the fiasco at HMRC, but I thought some rate tarting was in order.
Alliance & Leicester have two interesting things in their online banking interface: a “unique image and phrase combination” and a fake logout (no, really).
The former is quite interesting. You are given a picture to which you attach some phrase known only to you. When you’re shown that picture, you give them the phrase as part of the login process. I’m not sure how secure or otherwise this is, since the temptation to simply describe the image is very strong. However, as long as it’s used as an anti-phishing method (which it appears to be) then it’s rather nice. Would have preferred to have been given their public key for some 256-bit blowfish goodness, but hey. Who wants PKI when they can have a sand dune to look at?
The latter is a somewhat surprising bit of UI design. I finish my session and log out… but what’s this? I’m not logged out – I’m being sold to! Good job I wasn’t in an Internet cafe, because the first time this happened, I didn’t notice the message. I was so surprised, I’ve shot a video of it (1.1Mb ogg).
I’m with Alliance & Leicester as well, and I’ve always been blown away and a bit pissed off that you need to log-out twice – seems extraordinary really.
Marks & Spencer’s credit card website does the same thing, except it’s not trying to sell anything – it just wants to know if I’d like to continue with my logout…
I don’t know if you know but Alliance and Leicester was one of the other banks that was going under when the government stepped in at Northern Rock.
Yes, along with Barlcays. Lloyds seems to be the only one not significantly affected by sub-prime in fact, with whom I have my main current account. The A&L one is just for money laundering for Falun Gong. Ooops!