Security By “Gee, I Sure Hope Nothing Goes Wrong”
May 23, 2007
Have a seat children, gather close and let me tell you a tale of security, agenda, externality and banks.
About a month ago I went to my bank (who for the purposes of this story we shall refer to as Bank X) to order a replacement card for my credit and savings accounts. My current card had seen hard use and was in serious danger of splitting into two thinner and infinitely less useful constituent parts. I was informed that it should arrive in 10 working days or so.
Yesterday it occurred to me that I had seen no sign of a shiny new card, so I called the central Bank X helpline to inquire about it’s status. The operator was able to tell me that the card had been issued, and that we had something of a problem because the card did not require any form of activation to be used.
I asked if he was seriously telling me that the bank’s idea of credit card security involved sending a usable card through the ordinary mail service, and hoping that it wasn’t intercepted?
He said “yep”.
I said “good grief”.
He then advised me that the card would need to be canceled, along with my wife’s card for the same credit account. Naively I did not realise (though nor was it made clear to me) that this was because the entire account would be shut down and reissued with a new account number. Thus when I attempted to transfer credit funds onto my savings account account I was somewhat surprised to discover that the account was gone. I called back and was informed that the account had indeed been shut down and I would not have access to it until I received the new card.
In 7 working days.
At this stage I am afraid that I kind of passed the point of calm understanding. I have several bills that are directly debited from the visa account, and now faced the possibility of these payments defaulting. I also have online orders with Amazon (which are only charged when the item is delivered into stock and about to ship) and if my current order is canceled I will have to wait up to another month just for it to be restocked. At no stage during the process was it made clear to me that the whole account would be inaccessible until I received the new card. No suggestion of transferring funds before the closure or making alternate arrangements for any direct debits was offered. Nor was any attempt made to offer useful suggestions for resolving the issue or escalating my dissatisfaction.
So with no suggestions forthcoming from the call center (other than the brilliant and utterly useless observation that “it can be a good idea to have a second card for emergencies” – duh! That’s what the first card was for!) I found a number for a customer service line which I then called to at least register some kind of formal complaint. I was served by an operator who was not able to get me the card any quicker, but could get me the new account/card number and expiry date the next day when they were reissued.
While this provided a partial solution allowing me to change payment details with my direct debits, it has not been sufficient to provide me with a satisfactory resolution. It is appalling that the system for issuing a replacement card is so brittle and tightly coupled that the basic failure case (of a card going missing in transit) has an enormously disruptive consequence for the customer, through no fault of their own. I understand that the convenience (to both Bank X and the average customer) of sending out the new card without any safeguards likely far outweighs the inconvenience of what was described to me as a fairly rare event, but if this is the case surely such a rare event should have a useful response case by which the situation might be resolved more expeditiously (rather than just treating it as a card lost by the customer). If the consequences of such an (even rare) event are so dire, then they could be pointed out to the customer when ordering the new card, and an option provided of picking up the card from a branch or having the card sent by registered post for some additional fee.
I have a salary being paid in the next few days and thus will not now financially suffer unduly from the lack of access to my account, but if this had occurred early in the month I would have completely lost access to my funds for up to two weeks. Such a situation would have extremely dire consequences and was only avoided through sheer blind luck, rather than the bank’s systems or any conscious design. It seems to me that the cost of this situation (both financially and in time and convenience) is an externality to the bank, a cost not born by the business itself, and as such merits little attention. I shouldn’t be surprised really, Bruce Schneier has long pointed out that security and associated systems are at the mercy of agenda and financial pragmatism, but in a supposedly market driven world it is always a little bit of a shock to be shown just how little one person’s opinion can matter.