See hidden discussions | Win great prizes | Get free support
I'm not technically savvy but how about linking the IMEI number of the phone to the bank account and not the sim/phone number?
In that way you can swap sim's until you are blue in the face. If you do not have the actual phone you cannot do anything. If you lose your phone then you go through the normal procedure as before.
...put a 48hr hold on payments to any new beneficiaries and a note when you login on the page somewhere showing the pending payments.
Delaying payments is a solution which would have some detrimental economic implications for new businesses.I understand the reasoning behind this but it will be taking step backwards in my opinion.
The banks should improve on the method of authentication. As said, currently the SMS system is linked to the phone number and thus the sim card. They should break away from this and link to the IMEI number which is linked to the phone.
Authentications are thus still sent to the phone no matter whether you change the sim or not. Only way to bypass your authentication process will be to physically steal your phone.
This sort of removes one of the weak links i.e. the service providers from the equation.