Which? has been testing the security of telephone banking services. It made more than 100 calls to nine British banks to see how easy it was to break through the security procedures.
Some banks saw off all attempts, but some of the biggest names fared worse than others.
In the calls, the researchers had not set up passwords, PINs or codes, so the banks were relying on their security questions. The aim was to see how easy it was for a caller to discover details of the account balance or overdraft limit.
Some banks were incredibly robust. First Direct took the top spot. Not only did they ask high-grade security questions, they also asked the caller to go somewhere quiet so they wouldn't be overheard.
Others were less stringent. Which? said that in one in five calls they were only asked the kinds of questions that could be easily answered by someone who had stolen your bag or wallet.
ConcernsTwo banks were highlighted by Which? as having fallen short of their expectations. In one call to Santander, they were asked for nine pieces of information - but the researchers insisted that they were things that would be very simple to get hold of.
The banks highlighted that different levels of security apply depending on what you are trying to do. It is easier to gain information on the overdraft limit - for example - than withdraw the entire balance of the account.
Santander emphasised that it has two levels of security and that the caller only cleared the first one. If they had wanted to carry out any other tasks, they would have had to complete the second level.
Halifax told Which?: "We take security extremely seriously and operate a consistent approach to telephone banking security across the Group's brands. Many of our measures are fundamentally non-visible, and would not be identified in a simple research exercise such as this".
So should you be worried?The good news is that phone banking fraud is declining. The most recent figures show it fell 21% in six months. Clearly there are still some criminals getting through, but the decline shows that in by far the majority of instances, the security checks are protecting customers.
The banks are also making strides in developing telephone banking security. In its wealth-management and investment arm, Barclays is set to roll out voice recognition technology which can recognise a client in 30 seconds from normal conversation. In tests, 95% of people were recognised first time, but if it fails, traditional security methods can be used.
Protect yourselfNeither of these things means you are entirely secure. If someone takes your bag or wallet, it is vital to contact your bank immediately, to prevent them taking advantage of any information or using your cards.
You should also follow sensible security steps. Which? recommends making sure you cannot be overheard when you are telephone banking, never writing down your password or any security information, never responding to an email, call or letter asking for your password, account number or PIN, and checking your statements carefully for anything unexpected.
If you take these steps, you should help protect your account, and can also be confident that if someone was to gain access to your account, your bank would ensure you did not lose out financially.
- New phone security threat unveiled
- Employees 'unaware of cyber risks'
- 'Millions' risk fraud and ID theft through mobile