  • [Feature wish] Secure IBAN Accounts

Hey everyone
Yesterday I read a Together post about getting scammed.
Really sad to see 🙁

The writer also gave a suggestion for "Secure IBAN Accounts". But this suggestion was overlooked by a lot of people.
So here it is, a whole topic with the purpose of secure accounts ;)

What do I want?

Another kind of account. We have personal, joint, savings and slice accounts.
Wouldn't it be nice to have a "secure account"?

How could this be done?

A normal personal-sub account, but with its own pincode or passphrase.

On every transfer you need to enter this code.
Let's say you schedule a repeating transfer. Then of course, you need to enter the code only on creation of this schedule.

So, only people who know your personal specified IBAN Account Code can transfer money from this account!

But why?

Well...if someone with bad thoughts can log on to your account, then you no longer have control over your own money.
But if you have a "secure" account, then they would need another code to transfer your money ;) It should help against Phishing scams.
And it would just feel a lot safer! 🌈

Please give a thumbs up if you would like to see this implemented 👍

    @Lui#159306 I'm puzzled as to what you mean, as this would be something artificial, not something that would really increase your account security. Best is to keep your login and biometrics safe, then you are doing something right.

      @DaveFlash#159309 It would increase safety of getting money stolen from this account.

      I think a lot of people have a Savings Account or an account with a lot of money. If these accounts get secured through a second code the money is safer.

        @Lui#159310 yes I understand your idea, but this would only be an artificial security, not something real and tangible, because even that code could be stolen or guessed....

          @DaveFlash#159311 Yes, but don’t you think it’s safer than having nothing, if you get scammed?

            @Lui#159312 No, because as someone just told me, your money is already protected by laws and financial regulations, as in the bank would reimburse you anyway if it's not your fault. Maybe the person who knows this can chime in, over to you @johndo ;_)

              @DaveFlash#159311 Thx for your remark -> it would also be nice to get a notification if someone, on another phone, enters the code wrong.

              So you could change your codes or contact bunq!

                @DaveFlash#159313 But how long does it take till I get my money back?
                And I think if you get tricked through phishing it’s kind of your fault.

                  @Lui#159306 Hi 👋🏼 L,

                  I understand what you say :)... Personally I think it will make banking more complex because there are now more codes you need to remember and makes the flow less fast.

                  I think in general bunq has plenty of security features in place to protect my accounts (for instance, the 4-finger verification that is needed in some cases). And I as a user also contribute to the security of my account of course.

                  But let's say someone hacks my account and transfers money to a different IBAN. In that case I'm protected (in most cases) and bunq will cover my damages. So, as a user I'm overall well protected.

                  But anyway, I can see that it can give some users a more comfortable feeling and less hassle when something goes wrong. So, I will give you my High Five 👐🏼.

                    @JohnDo#159317 If you give an API key to someone else and they steal all your money, then according to you, you automatically get it back from bunq? In which terms and conditions did you find that?

                    The idea of @Lui#159306 is precisely that there are specific bank accounts that you cannot get into with the "standard" code (and, I assume, therefore not with the API key either), but for which you can set up a separate code. So if someone has stolen your API key, he can steal the 734.56 euros from your daily bank account but not the 5432.10 euros in your extra-secured bank account.

                      Money is money and has the same value, regardless of where you keep it. If you had 100 kilos of gold, would you store 50 in your wardrobe and the other 50 in a bullet-proof locker? Probably not. Everything in the secure locker, I guess.

                      So if there's any security improvement to be made, it should be done on the bunq app and backend systems instead of a dedicated account type. Right at the first access level, not as an added sub-account layer. Creating an account that "is more secure" would automatically make all other accounts less secure. And everyone would end up choosing the more secure option anyways.

                      The question should be more like "if someone with bad thoughts can log on to your account, then you... should make the underlying tech more secure to prevent it from happening in the first place".

                      I think bunq is pretty secure as it is (from an end user point of view, can't tell what it looks like on the backend...).

                        @igoramadas#159323 Through the multiple sub accounts I have a well automated banking experience.

                        I have a savings account with all my money and some other accounts for automating stuff.
                        Every now and then money is getting transferred from the savings account for subscriptions: monthly, weekly, yearly subscriptions. Or every month money for shopping/groceries and so on.

                        That’s a well known banking model for a lot of bunq power users.

                        The Secured account would make it safer for your savings account (the account with most of my money)

                        And that’s just one use case for secured accounts. But I think there are multiple more :)

                          @Lui#159326 I understand. But if you had the option to make all accounts more secure (with such a feature), why wouldn't you do so? Why only the Savings and not all the others? If you could make one account more "secure" by introducing another PIN... then why not ask for that second PIN on the login straight away (and bring the security of all your accounts to that "higher" level)?

                          Maybe there's a use case there and I'm missing something... but not sure if I'm convinced :-) I hold the opinion that bunq should focus on preventing attackers from opening the first door to accounts in the first place. If you find a way to increase security, do it as a global feature and not baked into an account type. For instance, 2nd factor confirmations for all actions that might affect an account's balance in the future.

                            @Lui#159326 The problem, of course, is that you can wait until someone clicks on the website for an extra verification where that second code is then needed. That is also what happened in this case, if I understood it correctly. You don't need to do a hand scan at all to transfer 1 cent. So the question is whether it really helps.

                              @JeroenE#159331 That’s probably right. But I think you should never enter these codes anywhere, only for payments/transfers from this account.

                              It’s kind of hard to make a phishing for this kind of code.

                                @igoramadas#159330 Why would you do this?

                                It’s just a hassle to enter your code every time. Why would I want this?

                                  @Lui#159334 There’s already the normal login code that should never be entered anywhere but the official bunq app. But people do exactly that and get phished. I think adding another code wouldn’t result in much change in user behavior here.

                                  Making it harder to login on new devices might be an idea. On the other hand, I also remember many threads on Together about people having this problem in emergency situations already, even though you don’t even need access to your phone number right now (just any number is fine iirc). But maybe it’s better to lock out some more legitimate users in order to cut down on some illegitimate. In my eyes it would, but hard to speculate on this without knowing the details behind the scenes.

                                    @Lui#159335 I wouldn't! I'm fine with the actual implementation :-)

                                    What happens if you forget the extra PIN for the secure account? Can you reset it using the usual procedures (2FA, handscan etc)? If so, then we can assume that A: the attacker can also reset the secure code or B: we could simply use the 2FA / handscan features which are already in place, so no changes needed. If you can only reset it by contacting bunq support... then good luck with the waiting times ;-)

                                    But let's think the whole thing through... Suppose you have one "secure" savings account with 70% of your money, and some other accounts for daily / weekly / monthly stuff. Then you get tricked by some scam (for instance, thinking you were logging in to bunq Web, or even worse, the bunq Web gets hijacked). The attacker now accesses your account, and cashes out on the 30% available on these other accounts. You still have 70%, sure, but you're still missing (temporarily) 30% of your money.

                                    I am 99% certain that if this happened to you (or anyone else), the first reaction would be making all your other accounts "secure" straight away. The end result is that you were still scammed and are (probably) not happy, even if you still have those 70% safe. If you could go back in time and have all these accounts set as "secure" with the extra PIN, you probably would. Hence everyone should simply set all accounts as secure to begin with - no need for the worst to happen. Obviously having that second PIN for all accounts would be a no-go... too much hassle, as you said. And this is why I think it's better to invest time figuring out how to improve security with heuristics, using 2FA, geolocation, triggers based on user behaviour etc etc.

                                      Weren’t there per-account limits at one time? I assume the code is still there, so maybe a secure account would just be a regular account with a €0 limit. You’d have to do your hand scan or passphrase to move anything out. If someone has access to your account, they probably don’t have access to your hand or passphrase.