Thema "How to enable photoTAN for login?" in Konto, Depot & Karte

How to enable photoTAN for login?

dbrsn — Mon, 13 Jan 2020 09:37:54 GMT

Hi there,

I am wondering how to make my comdirect account more secure. I have already posted a similar question some time ago. And I received an answer:

in the future the PSD2 regulation also requires a randomly generated component (like a TAN) at login to the account
The current state however is that there is no way to change the password "rules".

As far as I aware, PSD2 is now life, right? Has the situation been changed with PSD2?

What I'm looking for is an improvement in 2 components:

Enable Photo-TAN for login
Give the ability to make a strong password (not this weird 6 numbers thing)

Please, let me know if the situation with weak security in comdirect has been improved.

Thank you,

Denis

Betreff: How to enable photoTAN for login?

baha — Mon, 13 Jan 2020 10:00:50 GMT

Hello,

After PSD2 introduction, a PhotoTAN (or SMS TAN) is required for login every 90 days. Additionally, some actions require a TAN every time, such as looking for account movements older than 90 days or opening the message inbox.

There is still no requirement to use a second factor on each login.

Regards

Bastian

Betreff: How to enable photoTAN for login?

GetBetter — Mon, 13 Jan 2020 16:56:31 GMT

It's funny to see that people always seem to prefer the opposite of what they got.

There are banks out there that require a TAN for each login. And in parallel their online communities are full of complaining customers describing how cumbersome it is to generate a TAN each time just to check the balance.

Personally I prefer the way it is implemented here. Critical activities require a TAN anyway.

Betreff: How to enable photoTAN for login?

dbrsn — Mon, 13 Jan 2020 17:16:37 GMT

That's not what I prefer. I prefer my bank to be customer-oriented and I prefer to give me to chose what kind of user experience I want. The funny thing is that it's extremely easy to satisfy both types of customer:

Add checkbox in settings to enable photo-tan for each login (it's even ok for me if it's disabled by default — I will find my way to turn it on)
Give the ability to use a password with more than 6 numbers (just small change in form and probably simple update in the database)

If you prefer one type of security — it's your choice, not a problem for me. I am just another kind of guy. I prefer to have strong security everywhere where it's possible. You can call me paranoid, but I expect my bank to give me a choice to be paranoic.

Betreff: How to enable photoTAN for login?

baha — Mon, 13 Jan 2020 18:14:00 GMT

Hello,

@dbrsn schrieb:
Add checkbox in settings to enable photo-tan for each login (it's even ok for me if it's disabled by default — I will find my way to turn it on)

I would like to have this option, too!

Give the ability to use a password with more than 6 numbers (just small change in form and probably simple update in the database)

Unfortunately, that change is much more complicated than it looks like. The PIN is also used for identifying customers when they call the support hotline. You have to enter the PIN via your phone keypad and it is verified by the language computer.

For this purpose, a more complex PIN would not be possible to use. So in the end it would be necessary to change customer identification completely or introduce some kind of special "phone support PIN" only used for the hotline.

All of this has been discussed here over and over again, though 😉

Regards

Bastian

Betreff: How to enable photoTAN for login?

einekundin — Thu, 16 Jan 2020 10:16:50 GMT

@dbrsn schrieb:

I prefer to have strong security everywhere where it's possible.

comdirect has decided to handle the login this way, according to

the rules of PSD2.

The majority of the customers agree with this decision.

The knowledge of "PIN" *and* "Zugangsnummer" are necessary to