Nedbanks Approve-IT system

Eniigma

Expert Member
Joined
Aug 18, 2006
Messages
3,652
Reaction score
8,182
Location
Durban
What do you guys and girls think of Nedbank's new Annoy-IT, um I mean Approve-IT service on their internet banking?

For those who don't bank with Nedbank, basically whenever you start to do a sensitive transaction, say add a new beneficiary or transfer money from a savings account to your current account you get a MMS that you have to respond to, to approve it or reject it. Oh and then you get another that you have to respond to when you want to finalise it.

I find it ruddy annoying, I could handle it once per session, but twice per transaction is overboard and heaven help you if you have multiple transactions to do.

They claim it is more secure then the one time pin they used to sms to you. How? If your phone has been stolen or cloned, the criminals are still going to be able to respond and the bank has know way of knowing it's not you. All I see it as is an excuse for the bank to blame you if there is fraud "But you responded with the approval message".

Also you have a short time to reply so what happens when the networks are busy and those MMS don't arrive or arrive 30 minutes later?

And are Nedbank going to pick up the tab if you are billed by your cellular provider for responding?

I've voiced my displeasure to Nedbank and they've just come back saying it's mandatory and the usual drivel about "comments on the current usage of the service are much appreciated" and "Approve-IT is a much more secure option than OTP and as such, Nedbank hope to reduce the number of cases of fraud experienced by clients and the Bank." and of coarse this pearler "Approve IT is a mandatory feature that cannot be removed."

But of coarse "We do apologise for any inconvenience caused."

How about they listen to their customers and actually develop systems that can be applied where needed?

They could even go as far as saying we highly recommend this system, but if you don't want it fine but then we exempt ourselves from re-reimbursing any money lost due to fraud committed through your internet banking profile.

/rant

Do other banks have similar systems in place? I'm particularly interested in FNB. I've been with Nedbank for 12 years and I think it's finally time to move on.

Short of complaining to Nedbank via email / web feedback or in the branch every time I run into it, is there anything I can do to actually get something done about it?

Or am I just being a total douche?
 
This is a fail because you have to pay for the SMS you send back to Nedbank. They might as well be increasing your banking charges.

Its also a fail because in some instances people could be out of airtime - this means they cannot transact until they recharge.

Not a very practical system in my view.
 
This is a joke of a system. I'm with Nedbank and this system worked for about a week with me and then just suddenly stopped whenever I want to transfer money etc. Not too phased, switched over to FNB a few days ago.
 
Hmm, not had any problems on my side - I prefer it to punching in those random 5 digit code numbers which is what I had to do before. Now you just press "1" or "2" and off it goes. One time I had some kind of timeout (forgot to press the OK button or something, and it then reverted back to the old SMS 5 digit code system).

PS: Does it actually use SMS? I thought it used USSD. I don't see any record of the interaction in my SMS inbox.

PS: I thought I read somewhere that Nedbank has the lowest fraud incidence of the big banks (not sure of sauce though so treat statement with the necessary scepticism)
 
Why does anyone still bank with Nedbank? Seriously?!?!?!

I moved from Nedbank and haven't looked back!!!!!

PS: Do you still pay for teh sms's Nedbank deliver? If so, thats 4x sms you pay for PER TRANSACTION!!!!!

&*^*& off and die Nedbank!
 
If I am thinking of the same thing you guys are, there are no sms'es or mms'es involved.

And that is the beauty of it actually. If I understand correctly it is certificate encrypted IP based data traffic directly to your phone, which also means your telephone number is irrelevant. So in effect you have one less impersonation/interception possibility.

I think it's pretty neat.
 
If I am thinking of the same thing you guys are, there are no sms'es or mms'es involved.

And that is the beauty of it actually. If I understand correctly it is certificate encrypted IP based data traffic directly to your phone, which also means your telephone number is irrelevant. So in effect you have one less impersonation/interception possibility.

I think it's pretty neat.

I assumed it was MMS as I know it's not sms, but it seems is it USSD

Still if your phone has been stolen or cloned it makes no difference... it gets sent to the cell number that OTP's where sent to.

Surely if it's a data connection to your phone (think mini vpn) it's still going to decrease your data bundle and hence it is costing you extra.
 
I assumed it was MMS as I know it's not sms, but it seems is it USSD

Still if your phone has been stolen or cloned it makes no difference... it gets sent to the cell number that OTP's where sent to.
If your phone gets stolen you get a new SIM (sim swop) and notify the bank. As I said, if we are thinking of the same verification system which I think we are, the cell number is not used at all.

Surely if it's a data connection to your phone (think mini vpn) it's still going to decrease your data bundle and hence it is costing you extra.
It's not a VPN connection of any sort, it's direct encrypted IP traffic. Just like you don't need to make a VPN connection to log into your internet banking page. The amounts of data it uses is miniscule, would only be a few hundred KB p/m at most.
 
I assumed it was MMS as I know it's not sms, but it seems is it USSD

Still if your phone has been stolen or cloned it makes no difference... it gets sent to the cell number that OTP's where sent to.

Surely if it's a data connection to your phone (think mini vpn) it's still going to decrease your data bundle and hence it is costing you extra.

If it's a data connection then, like whatsapp, the cost of the traffic would be miniscule in comparison to cost of SMS/MMS...dunno though, only speculating - don't know enough to be definitive...
 
Why does anyone still bank with Nedbank? Seriously?!?!?!

I moved from Nedbank and haven't looked back!!!!!

PS: Do you still pay for teh sms's Nedbank deliver? If so, thats 4x sms you pay for PER TRANSACTION!!!!!

&*^*& off and die Nedbank!

'Multiple exclamation marks,' he went on, shaking his head, 'are a sure sign of a diseased mind.' -- "Eric", Terry Pratchett
;)
If I am thinking of the same thing you guys are, there are no sms'es or mms'es involved.

And that is the beauty of it actually. If I understand correctly it is certificate encrypted IP based data traffic directly to your phone, which also means your telephone number is irrelevant. So in effect you have one less impersonation/interception possibility.

I think it's pretty neat.

+1 You also don't have to type in those one time passwords, which is better. And there's less delay than with SMSes.
 
What do you guys and girls think of Nedbank's new Annoy-IT, um I mean Approve-IT service on their internet banking?

For those who don't bank with Nedbank, basically whenever you start to do a sensitive transaction, say add a new beneficiary or transfer money from a savings account to your current account you get a MMS that you have to respond to, to approve it or reject it. Oh and then you get another that you have to respond to when you want to finalise it.

I find it ruddy annoying, I could handle it once per session, but twice per transaction is overboard and heaven help you if you have multiple transactions to do.

They claim it is more secure then the one time pin they used to sms to you. How? If your phone has been stolen or cloned, the criminals are still going to be able to respond and the bank has know way of knowing it's not you. All I see it as is an excuse for the bank to blame you if there is fraud "But you responded with the approval message".

Also you have a short time to reply so what happens when the networks are busy and those MMS don't arrive or arrive 30 minutes later?

And are Nedbank going to pick up the tab if you are billed by your cellular provider for responding?

I've voiced my displeasure to Nedbank and they've just come back saying it's mandatory and the usual drivel about "comments on the current usage of the service are much appreciated" and "Approve-IT is a much more secure option than OTP and as such, Nedbank hope to reduce the number of cases of fraud experienced by clients and the Bank." and of coarse this pearler "Approve IT is a mandatory feature that cannot be removed."

But of coarse "We do apologise for any inconvenience caused."

How about they listen to their customers and actually develop systems that can be applied where needed?

They could even go as far as saying we highly recommend this system, but if you don't want it fine but then we exempt ourselves from re-reimbursing any money lost due to fraud committed through your internet banking profile.

/rant

Do other banks have similar systems in place? I'm particularly interested in FNB. I've been with Nedbank for 12 years and I think it's finally time to move on.

Short of complaining to Nedbank via email / web feedback or in the branch every time I run into it, is there anything I can do to actually get something done about it?

Or am I just being a total douche?

Capitec >>> security dongle on your keys >>> happiness
 
http://www.nedbank.co.za/website/content/approveit/index.asp

Will I be charged?

No, the service is free and it will automatically be enabled if you've already activated SMS authentication on your internet banking profile. If you have, however, never activated SMS authentication, please visit your nearest Nedbank branch for assistance.

Nedbank covers the cost of the USSD transaction.
 
Got accounts at all 4 big banks and 2 others and Nedbank and Capitec got no problems at all. Been banking with Nedbank for 30 years. Cant say the same of the other banks. I moved all my debitorders to Capitec and save a small fortune every month, R3-50 per debitorder compared to R17-00 to R25-00 of the other banks. Capitec lowered their admin fees and the other banks hiked theirs.

You receive APPROVE-IT instantly after you press enter. There's no delays. And if I must pay for the comfort of knowing if somebody transact on my account, so be it. The transaction cant be concluded till you approve it. I do however prefer Capitec's system, as I think its still more secure. Their fingerprint identification and the internet token works fine for me.

I'm glad that the Nedbank APPROVE-IT dont cost me money, but I would pay for the peace of mind. No rude surprises.
 
Last edited:
Doesn't make much difference to me... in fact the MMS seemed to arrive faster than the OTP.
 
USSD > SMS. Awesome move from Nedbank. I hate the sms thing with the other banks.
 
It does make use of the cell phone number, you cannot perform any transactions if you are using a other sim/number.
 
@OP: want to change your rant now that you've discovered that it uses USSD and it's free?

I'm happy with the new system, thank you.
 
Top
Sign up to the MyBroadband newsletter
X