A real reply from my bank

Aug 02, 2010 14:15

Previously, on $TITLE: A letter to my bank.
Then: A [canned] reply from my bank.
Now: Today I received this reply:

I apologize that you found our first response unsatisfactory. I understand your frustration and I will attempt to clarify for you. First, we cannot remove the security questions as secondary security beyond a user name and password is currently mandated by federal regulation, this does not require two-factor authentication, only secondary authentication beyond a user name and password. Second, BECU is currently trying to develop a genuine two-factor authentication that is not cost prohibitive to our membership. As yet, not all computers are equipped with thumbprint scanners and retinal scanners are still incredibly costly, in addition, we do not currently have our members fingerprints and retinal scans on file. Single key fobs are becoming an option, but again, the cost is currently very high and would need to be passed on to our members. We considered requesting such information as current phone number, or ATM card information, however, we determined that this information could be very easily obtained by anyone you have given your card to for a purchase, and a driver’s license number is a matter of public record, so is not more secure than our current security questions. I will, however, pass along your request to our web development team to express the urgency of your desire to have a true secondary authentication system in place as soon as possible.

If you would like you can enter anything you consider a secure answer to your security questions. We are not able to see or verify your answers. The answers are held strictly within the computer system and the computer matches keystrokes of the answer you enter with the keystrokes of the answer you first entered when setting up the questions.

Unsurprisingly, no action will be taken. But at least the rep sounds like he understood my concern.
Previous post Next post
Up