Lloyds bank insists on sending a pass code to my mobile.

[5davidhen1]

I never used to have a problem logging onto Lloyds website using my laptop --- until about 2 or 3 weeks ago.

They have now begun insisting on sending a OPC to my mobile every time I wish to log on. I am able to receive this (UK sim) but it's becoming annoying. During the log-in process, there is a box "Why do I have to do this?" or words to that effect. I clicked on it and was informed that I would be able to designate my laptop as a "trusted device" after logging on, but I couldn't find any such facility. Incidentally, My laptop always WAS "my trusted device."

I then wasted an hour or more of my time "chatting" to someone whom, it became obvious, didn't know how to resolve the issue. I logged off, and the next time I logged on, there was a message stating that "The OPC had to continue for security reasons." If this is correct, it would have been nice of the chat guy to have told me in the first place. 

However, I am doubting this guy's word because, why, on logging on, would there be a statement averring that this exercise can be skipped by "designating my laptop as my trusted device?"

 

Any ideas?

TIA.

David.

 

[topt]

Do you have a Lloyds Business account? That's the only place I can see where they have that and apparently also a card reader option.

 

I have Lloyds personal accounts and have been receiving OTP (one time password) for more years then I care to remember and no way to remember a "trusted device"

[FritsSikkink]

Ignoring additional security measures to protect your account isn't smart.

[farangbuffalo]

10 minutes ago, FritsSikkink said:

Ignoring additional security measures to protect your account isn't smart.

 

Requesting a 2FA code to make a payment to a new beneficiary is sensible. Asking for one every single time you logon from the same device is stupid.

 

 

[brewsterbudgen]

It can be annoying, although I haven't had any problems with them sending it to my Thai SIM.

 

However, I did a few years back and eventually got locked out of my online account.  I spent around £200 calling their unhelpful 'overseas support line' (the only option).  I complained and, eventually, they repaid the call charges and a token payment for the inconvenience (£75).  It hasn't been an issue since then.

[FritsSikkink]

15 minutes ago, farangbuffalo said:

 

Requesting a 2FA code to make a payment to a new beneficiary is sensible. Asking for one every single time you logon from the same device is stupid.

 

 

No it isn't as there are people who leave their computer on all the time and have clicked on remember password, which is a security risk.

[ukrules]

There's a reason they're getting serious about security and it has nothing to do with protecting you.

 

The bank is going to be liable for any and all fraud unless there's gross negligence on the part of the account holder.

 

So these new steps are to prevent any losses to the bank - it's why they are making it harder to withdraw anything and reluctant to allow large withdrawals, wires, etc

Sometimes you really need to persuade them that you want to do a transfer, and they can deny it - for your safety - which is a lie - it's all about protecting their own arses.

Legislation changes incoming, it will get worse.

 

Quote

In recent years, the UK has introduced new regulations to protect consumers from authorized push payment (APP) fraud, where victims are tricked into sending money to fraudsters. The key changes are:

Mandatory Reimbursement Requirement - October 2024

Starting October 7, 2024, UK banks and building societies will be required to reimburse APP fraud victims within 5 business days in most cases. This rule, announced by the Payment Systems Regulator (PSR) in June 2023, applies to the Faster Payments system where most APP fraud occurs. Key details of the mandatory reimbursement requirement:

• Sending banks will be liable for reimbursing customers, shifting liability away from the account holder in cases of APP fraud

• .
• There is a 13-month deadline for claims, with a maximum reimbursement of £415,000 per case
• .
• Banks can refuse reimbursement only if the customer was "grossly negligent" and not vulnerable

• .

This replaces a voluntary reimbursement code introduced in 2019, which 10 payment providers had adopted.

Delayed Payments to Investigate Fraud - October 2024

Also taking effect in October 2024, new legislation will allow banks to delay certain payments by up to 4 business days if fraud is suspected. This aims to give banks crucial time to gather data, contact customers, and work with law enforcement to prevent fraudulent transactions.

Expansion of Financial Ombudsman Service Powers

The Financial Ombudsman Service reported banking complaints hit a 10-year high in 2023-2024. In response, the ombudsman service's claim limit was raised to £415,000 to match the mandatory reimbursement requirement. In summary, the UK has taken significant steps since 2023 to better protect consumers from APP fraud by shifting liability to banks, mandating timely reimbursement, allowing delayed payments to investigate, and expanding the financial ombudsman's powers. The goal is to incentivize banks to improve fraud prevention while ensuring customers are made whole if they fall victim to increasingly common scams.

Source : Perplexity Pro - so no link.

[nglodnig]

I'm with Lloyds Internation (IoM) and OCCASIONALY get a OTP by a phone call - but that after that not. I don't know if the request is done at random or some cookie/cache clearing thing happened on mt brwoser

 

[CanadaSam]

Dunno if I'm strange, but I get a warm and fuzzy reassured feeling when I get an OTP on my mobile phone.

 

It tells me that somebody would need to know my username, password, and also be able to open my mobile phone to gain access to my accounts.

 

More security the better, IMO, when it comes to my money!

[MangoKorat]

You won't be successful in requesting they stop requiring a OTP but most UK banks will send the code to your e-mail address if you ask them. I could not receive OTP's for years as I live in an area with no mobile signal.  I was only when my bank agreed to send OTP's by e-mail that I could fully use online banking.

[scubascuba3]

1 hour ago, farangbuffalo said:

 

Requesting a 2FA code to make a payment to a new beneficiary is sensible. Asking for one every single time you logon from the same device is stupid.

 

 

I have a similar issue with another bank, each time OTP, issue with fingerprint now so have to use password each time

[oliverphoenix2]

Check your browser settings, if your browser settings are set to clear your cache/cookies when you close your browser then your device isn't recognized as "trusted" the next time you log in and the bank may require you to verify with a OTP. 

[Khyron]

It may be annoying, but it is a small price to pay to help secure your money. If your account was hacked by not having this enabled, you would kick yourself for not taking the extra time.

[scubascuba3]

1 hour ago, oliverphoenix2 said:

Check your browser settings, if your browser settings are set to clear your cache/cookies when you close your browser then your device isn't recognized as "trusted" the next time you log in and the bank may require you to verify with a OTP. 

I didn't see any option for that for Chrome and Brave, but there in an option for blocking 3rd party cookies

[The Fugitive]

15 hours ago, CanadaSam said:

Dunno if I'm strange, but I get a warm and fuzzy reassured feeling when I get an OTP on my mobile phone.

 

It tells me that somebody would need to know my username, password, and also be able to open my mobile phone to gain access to my accounts.

 

More security the better, IMO, when it comes to my money!

Totally agree! Since my Google bookmarks and passwords were hacked a couple of years ago I think that way too. I receive my OTP's via a VOIP service. Not the most secure as they are received on more than one device in my case. Also, receiving OTP's on the same device that you use for your mobile banking apps is obviously convenient but less secure.

[topt]

3 hours ago, scubascuba3 said:

I didn't see any option for that for Chrome and Brave, but there in an option for blocking 3rd party cookies

On Windows  - Brave click the lion shield item (top right on my set up) and there is a setting to Forget me when I close this site or go into Settings and under Privacy there are a number of settings.

On Android -Brave -Settings- Brave Shields and Privacy - Clear data on exit button. 

Also Settings - Site Settings - Content

[5davidhen1]

Many thanks to all respondents.

Security is MY responsibility and I never leave browsers open. I am always very careful when it comes to financial matters.

I have accounts with various other financial institutions --- none of which insist on sending OTPs every time I log on --- only if I change my browser or clear my cache.

I NEVER allow sites to remember my passwords, always entering them myself each time I log on.

All of my accounts are personal ones --- I don't have any business accounts.

I agree with the answers from some respondents but I reiterate what I said in my post --- If it's not possible to designate my laptop as a trusted device, why is there a suggestion to the contrary when starting the login procedure?

Also, as stated in my post, this has only recently begun.

David.

[5davidhen1]

8 hours ago, oliverphoenix2 said:

Check your browser settings, if your browser settings are set to clear your cache/cookies when you close your browser then your device isn't recognized as "trusted" the next time you log in and the bank may require you to verify with a OTP. 

No, my browser is not set to clear each time I log off or close my session.

[topt]

6 hours ago, 5davidhen1 said:

I agree with the answers from some respondents but I reiterate what I said in my post --- If it's not possible to designate my laptop as a trusted device, why is there a suggestion to the contrary when starting the login procedure?

Interesting that I don't see this at all. After posting I actually checked and unless it is something to do with my browser settings then is definitely not an option for me. This seems strange to me considering it is the same bank but there we go.

You do get used to it after a while........

[5davidhen1]

26 minutes ago, topt said:

Interesting that I don't see this at all. After posting I actually checked and unless it is something to do with my browser settings then is definitely not an option for me. This seems strange to me considering it is the same bank but there we go.

You do get used to it after a while........

After the memorable info' page, there is a box on the right titled "Help and support." Click on this box, then click on "Why do I need to do this?" Read the 2nd paragraph.

[Keeps]

8 hours ago, 5davidhen1 said:

Many thanks to all respondents.

Security is MY responsibility and I never leave browsers open. I am always very careful when it comes to financial matters.

I have accounts with various other financial institutions --- none of which insist on sending OTPs every time I log on --- only if I change my browser or clear my cache.

I NEVER allow sites to remember my passwords, always entering them myself each time I log on.

All of my accounts are personal ones --- I don't have any business accounts.

I agree with the answers from some respondents but I reiterate what I said in my post --- If it's not possible to designate my laptop as a trusted device, why is there a suggestion to the contrary when starting the login procedure?

Also, as stated in my post, this has only recently begun.

David.

On two recent non banking apps (NHS + one other) I have had the simple option of a tick box to designate my laptop as a trusted device. This appeared at log-in stage after entering the initial OTP. However, I do clear my cache/cookies fairly frequently and I do then have to go through the process again. 

[treetops]

On 8/8/2024 at 5:10 AM, 5davidhen1 said:

However, I am doubting this guy's word because, why, on logging on, would there be a statement averring that this exercise can be skipped by "designating my laptop as my trusted device?"

 

I have the same with TSB who may still be using legacy Lloyds systems, although I've had it for a few months now not just a few weeks.  I select trusted device every time but it doesn't stick.  I don't clear my cookies (Firefox) and can see TSB currenly have 52 cookies stored for me so it's not that.

 

Have you changed your laptop recently?  I did earlier this year but not sure if it was the same time as I started seeing this issue.

 

Edited August 11 by treetops

[5davidhen1]

10 hours ago, treetops said:

 

I have the same with TSB who may still be using legacy Lloyds systems, although I've had it for a few months now not just a few weeks.  I select trusted device every time but it doesn't stick.  I don't clear my cookies (Firefox) and can see TSB currenly have 52 cookies stored for me so it's not that.

 

Have you changed your laptop recently?  I did earlier this year but not sure if it was the same time as I started seeing this issue.

 

No, I've had this laptop since April '22 --- purchased in Tukcom, Pattaya. I went home --- no problem. I returned to Jomtien in March '23 --- no problem --- until recently.

[treetops]

6 hours ago, 5davidhen1 said:

No, I've had this laptop since April '22 --- purchased in Tukcom, Pattaya. I went home --- no problem. I returned to Jomtien in March '23 --- no problem --- until recently.

 

What browser are you using?  I just tried it using Chrome and it works as it should so could be browser related.

[5davidhen1]

1 hour ago, treetops said:

 

What browser are you using?  I just tried it using Chrome and it works as it should so could be browser related.

OK, so I just tried Chrome and, as expected, I needed to receive a OTP. I'll use Chrome next time I log on, and repot back to you.

[5davidhen1]

2 minutes ago, 5davidhen1 said:

OK, so I just tried Chrome and, as expected, I needed to receive a OTP. I'll use Chrome next time I log on, and repot back to you.

Nope, still the same. I guess I'll just have to put up with the small inconvenience.

[5davidhen1]

Resolved!!! All by itself.

 

Amazing! I logged on this morning, expecting to be given a OTP --- but was taken straight to the website. I logged off, and on again just to see if it was the same, and it was.

 

I guess it must have been a glitch at Lloyds, and that someone at their end has just decided to rectify it.

 

[treetops]

2 hours ago, 5davidhen1 said:

Resolved!!! All by itself.

 

Amazing! I logged on this morning, expecting to be given a OTP --- but was taken straight to the website. I logged off, and on again just to see if it was the same, and it was.

 

I guess it must have been a glitch at Lloyds, and that someone at their end has just decided to rectify it.

 

 

Yes, fixed for me too.  I needed the OTP at initial login, told it to trust the device as usual then logged out.  Next login did not require the OTP.

[treetops]

Back to square one again today with the OTP required.

[5davidhen1]

20 hours ago, treetops said:

Back to square one again today with the OTP required.

Oh dear.

I'm still OK, continuing to use the Edge browser.

You said yesterday, that you were asked to "Trust this device." I wasn't even asked to do this.

It's got to be a glitch at Lloyds end.