ING Bank Śląski introduces new login rules.
ING announces that from August 20, customers will have to log in a bit differently to online banking and the mobile application. All because of the PSD2 directive coming into force in September. It is because of it that banks need to trade a bit of user convenience for security. It's a good exchange.
Change of login to ING Bank Śląski.
From August 20, clients of ING Bank Śląski will be able to log in to the account in two ways. The system will either ask them to log in with the usual login and password, as it was before, or will ask you to enter the additional code sent by SMS.
The rules will also change if you log in to the mobile application. This can be done in one of three scenarios - we will either be asked for a PIN or biometric identifier, or both. Similar restrictions will also be introduced when making transfers or issuing other instructions in the application. Also in these cases, the bank may sometimes ask us for additional authorization by SMS or PIN.
When will ING ask for additional authorization?
Each time we log in to online banking, the ING system will assess whether two-factor authorization is needed in a given case. The bank does not specify in detail how the system will assess it, but it can be safely assumed that additional precautions will be applied when we log in to the new device every 90 days and in the event of an attempt to change sensitive information, because, as noted by bankier.pl , results it's just from the new regulation.
Why does ING introduce additional authorization?
The PSD2 directive coming in on September 14 will change the rules of the game when it comes to banking security. The new EU footnotes require banks to use strong authentication, i.e. to introduce two-step verification . This is a very good move that should significantly increase the security of our money, although of course it cannot fully guarantee it.
The problem is also that ING has not chosen the best way of additional authentication . When it comes to SMS confirmation, thieves around the world are getting better at phishing duplicate SIM cards from operators. Too often a smart cheater is able to obtain a duplicate of such a card without the knowledge or consent of its original owner. If they steal a smartphone from us, usually already at the first photogenic latte we realize that something has happened and we can react quickly by running to the bank branch. If you deactivate our SIM card and activate your duplicate, we may not understand for hours that something is wrong. Additionally, there are attacks on SS7 protocols operating in mobile networks that allow to take over the content of an SMS.
It is worth preparing for the upcoming changes and increasing vigilance.
If you have not used two-factor verification at ING so far, check whether the phone number your bank has is still valid. Be careful and alert your friends to the potential wave of phishing. Thieves are eager to take advantage of the changes and the confusion related to it, so in the coming weeks it is worth to be extremely careful reading emails and messages allegedly from our bank. If we have any doubt as to their veracity, we can either go to the nearest branch or simply call the phone number provided on the bank's official website and thus make sure that the email is actually from him and not from the thieves.
Get ready for a new way to log in to ING Bank Śląski. More complicated but safer