Hacker News new | past | comments | ask | show | jobs | submit login

Right now they use a single password for online and telephone banking. That's why it is numbers only, so people can enter it over the phone.

If they did what you suggest their users would need to setup one pin for telephone and a different password for online access.

So it is in fact for the user experience, but that only makes sense if you remember telephone banking is still a thing.




US banks require you call from the phone number on the account and have you enter your SSN after they match the # to their records. No separate pin needed.


Which is way less secure. Caller id is spoofable, your ss# is known by hundreds of people.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: