For those interested in the unabridged responses we received from the banks, here they are.
First National Bank
Spokesperson: Lee-Anne van Zyl, CEO, FNB Online Banking
FNB has not changed their sentiment with regards to 22Seven, and never attempted to block access to 22Seven. We were still investigating the various options available with 22Seven to establish the most appropriate way forward. After careful consideration, we have decided that setting up a secondary user profile is the most appropriate option.
We maintain the views in our initial statement urging our customers to never disclose their personal details such as their Personal Identification Number (PIN), username, password and One Time Pin (OTP). Customers should never access FNB's Online Banking via a link, and should never respond to a request to 'update' or 'reconfirm' their banking details as this exposes the customer to phishing.
These are the questions I asked of the other banks
- Do you have existing features, or do you plan to launch features for your online banking that will allow for safe access to users' data by third parties?
- When do you plan to launch these features, if it all?
Absa
Spokesperson: Christo Vrey, Head of Absa Digital Banking Services
Absa would like to remind its customers that under no circumstances should they divulge their sensitive personal information (online banking PIN numbers and passwords) to any third party. As a responsible financial services company, the protection of our customers’ secure information remains paramount.
Our stance on third party personal financial management (PFM) services that request users divulge sensitive details will remain consistent with this, until further direction is received from the relevant regulatory and industry bodies. Absa is open to conversations with third party PFM service providers to explore collaborative models that do not violate the simple principle of never sharing one’s online banking logon credentials with any third party.
Absa customers in general have rightly expressed need for high levels of online banking security, and largely welcome Absa’s firm stance on the topic of online banking security. We protect online banking customers with a variety of technical measures including free logon alerts via SMS, free anti-virus software, market-leading innovations such as our unique SurePhrase™ welcome message.
Absa’s online banking service also allows users to securely download and export transaction history information into various formats, for use at their own discretion.
Standard Bank
Spokesperson: Itumeleng Monale, director of self-service banking at Standard Bank:
Standard Bank’s primary concern is always the security of our customers’ funds and information. We will therefore not support the disclosing of any banking logon credentials to third parties, especially in the case where those third parties have not engaged with the bank in detail to ensure alignment of security standards. In the event that a third party is allowed to store or intercept a customer’s banking logon credentials, the security of their account cannot be guaranteed.
As part of a new suite of functionality that will be made available to customers within the trusted environment of our online banking service, Standard Bank is already developing a financial management tool and related capabilities.
Engagements with the technology service providers for 22seven are currently being arranged to understand their environments and assess the potential risk to our customers if they were to utilise their service in accessing Standard Bank account information. In the interest of customer security, we urge our clients clients to ensure that they take responsibility for their accounts and we continue to recommend that clients do not use websites where they are asked to provide their login credentials, thereby putting their accounts at risk. Standard Bank has always encouraged clients to check the address bar when entering their logon credentials to ensure that they are entering their logon credentials only on the valid bank's site.
Nedbank
Spokesperson: Anton de Wet: Managing Executive Client Engagement at Nedbank
Nedbank recognises the rising trend of Personal Financial Management (PFM) tools, both globally and in South Africa. It shows that people wish to be able to access their information easily and take greater ownership in managing their financial affairs. There are a number of solutions available in the market today, including the Nedbank Personal Money Manager which can be accessed via
www.nedbank.co.za which can also help promote better financial management. People making use of any PFM offering, need to be aware of the risks associated with disclosing their personal credentials to others and use service providers they trust. Nedbank is continuously looking at ways to enhance security to ensure clients can transact safely in a digital environment.
