Problem with dual authentication and identity verification on US based on-line accounts

[Gecko123]

This problem was specific to Fidelity Investments, but may be applicable to other US on line accounts which require that an identity verification password be sent to your cell phone before accessing your account or authorizing a payment, etc.

 

I turned on the dual authentication feature on my Fidelity account in order to make it more secure. The problem was that I wasn't able to receive the identity verification password on my cell phone, and for many weeks had to call into Fidelity to verbally receive the password (which obviously was cumbersome). My assumption was that the reason I couldn't receive the verification password on my cell phone was because I lived outside the US, and several Fidelity reps told me this was the reason, and there was nothing that could be done about it. There was no way to turn off the dual authentication feature either, even by calling into Fidelity.

 

Finally...while talking this over with a Fidelity rep who had to call me back on my cell phone to verify my identity, it came to light that when dialing an overseas cell phone FROM the US, you have to delete the first "zero." For example, if your cell phone # is 085-555-5555, you dial the country code for Thailand (66) and then 85-555-5555 NOT 085-555-5555. The customer svc rep was able to change my number in the system with the lead zero deleted, and after a 24 hour computer refresh cycle I was able to receive the verification password on my cell phone. If you entered your full 10 digit cell phone number as your phone contact number on your account, there is a good chance that that is what will be used when attempting to send you a verification password, which will likely explain why you can't receive the password overseas. If you're experiencing this problem (and Fidelity said many of their overseas clients have this same problem) I recommend looking into whether your phone number for dialing FROM the US is properly entered on your account, and if not, you can probably call Fidelity (or whatever vendor you're experiencing problems with) and get it worked out.

[Gaccha]

1 hour ago, Gecko123 said:

you have to delete the first "zero

 

I thought this was such a normal part of everyday knowledge that I didn't think anybody could not know this.

[Gecko123]

53 minutes ago, Gaccha said:

 

I thought this was such a normal part of everyday knowledge that I didn't think anybody could not know this.

Do you feel better, Mr Smug? If you called Thailand from the US on a regular basis, yes, you'd probably know this, but you wouldn't necessarily know this if you lived in Thailand and rarely called Thailand from the US. Or if you perfunctorily filled out a phone number field 20 years ago when you didn't know this, and never had occasion to update the phone number because the vendor never had occasion to call you overseas, and it never occurring to you that the format of the number might suddenly become critical when you added dual authentication as a security measure to your account.

 

As I said, Fidelity said many overseas customers experience this problem, so I know I'm not alone. I was just trying to give a heads up to my fellow expats. If you already know this, fine, thanks for smugly dropping in to share your dazzlingly extensive worldliness and technical sophistication. Feel free to run along now.

[EVENKEEL]

12 hours ago, Gecko123 said:

Do you feel better, Mr Smug? If you called Thailand from the US on a regular basis, yes, you'd probably know this, but you wouldn't necessarily know this if you lived in Thailand and rarely called Thailand from the US. Or if you perfunctorily filled out a phone number field 20 years ago when you didn't know this, and never had occasion to update the phone number because the vendor never had occasion to call you overseas, and it never occurring to you that the format of the number might suddenly become critical when you added dual authentication as a security measure to your account.

 

As I said, Fidelity said many overseas customers experience this problem, so I know I'm not alone. I was just trying to give a heads up to my fellow expats. If you already know this, fine, thanks for smugly dropping in to share your dazzlingly extensive worldliness and technical sophistication. Feel free to run along now.

I would suggest maintaining a US number in Thailand. There are many options. I have ultra mobile which gives me unlimited wifi calling in Thailand. It's convenient when your boots hit US soil you have phone service and data.

[Jingthing]

So accounting for the issue of removing the leading 0, Fidelity actually DOES send 2FA texts to Thai cell phones?

[JohnOFphon]

I encounter a similar problem with Capital One credit card yesterday.

My new card has a "tap and pay" feature. 

So when I tried to book a flight on Agoda,, when it came time to pay with the card, it told me to tap my card on my smart phone that is listed with my card account.

The smart phone number is a friends in the U.S.  My card is here and my friends phone is in California. 

No way to pay for the plane ticket using my credit card from here.

I called Capital One and they told me that the 2 step verification could NOT be turned off, or changed to sending me an email instead.

No, they will not allow a phone number from another country.

 

 

 

[Gecko123]

50 minutes ago, Jingthing said:

So accounting for the issue of removing the leading 0, Fidelity actually DOES send 2FA texts to Thai cell phones?

I had to Google 2FA (two factor authentication), but yes, I am now able to get 2FA verification messages on my cell phone from Fidelity. 

 

Just one other thing regarding the "I can't believe you didn't know you dropped the lead zero off your phone number when dialing Thailand from the USA" crowd. Even though nowadays  it appears you can enter your mobile phone number with the zero omitted, I believe  when I entered my phone number decades ago, the data entry field was set up for a three digit area code followed by a seven digit phone number which meant that you basically had to enter the lead zero in order to successfully fulfill the phone number data entry field requirements. My mistake was assuming that Fidelity would never call me as I lived overseas so it wasn't that important. I would also like to point out that when I originally entered my phone number decades ago, 2FA didn't even exist, so it has never even occurred to me that I might need to update my phone number format in their system.

 

I was just trying to help people, because if you turn on the 2FA feature on Fidelity and then they can't send you an identity verification code to your cell phone, you can get stuck in a vortex where there's no way to remove the 2FA feature (because the system requires that before turning off the 2FA feature you have to verify your identity with a code sent to your cell phone, but you can't receive the code on your cell phone and customer svc can't turn off the 2FA feature manually on their end.) It was a hellish Catch-22 loop which required calling in every time I wanted to log on. Everyone at Fidelity was telling me the problem was that I had an overseas number, and it was only by luck that a customer svc rep had to call me back on my cell phone and in the process of double checking the format for dialing Thailand from the US that I realized the lead zero might be the reason I couldn't receive the security 2FA SMS messages. Once my phone number was updated on Fidelity's end in Fidelity's system, I was able to get the verification codes without any problems. 

 

And, again, several Fidelity reps told me that they get calls every day from overseas clients unable to receive verification codes on their cell phones, so I know I'm not the only one who experienced this problem. I only posted about this in an effort to help anyone else who might be experiencing the same problem.

[Jingthing]

10 minutes ago, Gecko123 said:

I had to Google 2FA (two factor authentication), but yes, I am now able to get 2FA verification messages on my cell phone from Fidelity. 

 

Just one other thing regarding the "I can't believe you didn't know you dropped the lead zero off your phone number when dialing Thailand from the USA" crowd. Even though nowadays  it appears you can enter your mobile phone number with the zero omitted, I believe  when I entered my phone number decades ago, the data entry field was set up for a three digit area code followed by a seven digit phone number which meant that you basically had to enter the lead zero in order to successfully fulfill the phone number data entry field requirements. My mistake was assuming that Fidelity would never call me as I lived overseas so it wasn't that important. I would also like to point out that when I originally entered my phone number decades ago, 2FA didn't even exist, so it has never even occurred to me that I might need to update my phone number format in their system.

 

I was just trying to help people, because if you turn on the 2FA feature on Fidelity and then they can't send you an identity verification code to your cell phone, you can get stuck in a vortex where there's no way to remove the 2FA feature (because the system requires that you verify your identity with a code sent to your cell phone, but you can't receive the code on your cell phone and customer svc can't turn off the 2FA feature manually on their end.) It was a hellish loop which required calling in every time I wanted to log on. Everyone at Fidelity was telling me the problem was that I had an overseas number, and it was only by luck that a customer svc rep had to call me back on my cell phone and in the process of double checking the format for dialing Thailand from the US that I realized the lead zero might be the reason I couldn't receive the security 2FA SMS messages. Once my phone number was updated in Fidelity's system, I was able to get the verification codes without any problems. 

One other very important question. Are you on record at Fidelity as U.S. resident with a U.S. address or are you on record there as living abroad with your Thai address? Or some variation of that? 

[Gecko123]

2 minutes ago, Jingthing said:

One other very important question. Are you on record at Fidelity as U.S. resident with a U.S. address or are you on record there as living abroad with your Thai address? Or some variation of that? 

Legal and mailing addresses both in Thailand. 

[bamnutsak]

First off, thank you for sharing your experience, I did not know that Fidelity would/could send 2FA SMSes to our Thai phone numbers.

 

On 3/7/2025 at 3:59 PM, Gecko123 said:

This problem was specific to Fidelity Investments

 

 

You should be aware that with Fidelity you can accomplish 2FA via their app. I use this option most of the time, when logging in on a PC.

 

Fidelity also supports third-party authenticators.

 

GoogleVoice works fine for me with Fidelity, inbound calls to Fidelity, receiving calls from Fidelity, and receiving 2FA SMSes.

 

 

On 3/7/2025 at 3:59 PM, Gecko123 said:

it came to light that when dialing an overseas cell phone FROM the US, you have to delete the first "zero." For example, if your cell phone # is 085-555-5555, you dial the country code for Thailand (66) and then 85-555-5555 NOT 085-555-5555.

 

Just an FYI, you would dial 011 66 85 555 5555, or from a mobile + 66 85 555 5555. Long press the "0" zero key for the "+"

 

 

 

[Thailand J]

1 hour ago, bamnutsak said:

You should be aware that with Fidelity you can accomplish 2FA via their app. I use this option most of the time, when logging in on a PC.

I have to call for OTP to sign on my account on NetBenefits app. Is there another Fidelity app?

[bamnutsak]

4 minutes ago, Thailand J said:

I have to call for OTP to sign on my account on NetBenefits app. Is there another Fidelity app?

 

Yes.

 

https://play.google.com/store/search?q=fidelity&c=apps&hl=en

 

I am not familiar with other fidelity apps nor how their log in/security processes work.