Canadian Money Forum banner
21 - 40 of 69 Posts

·
Registered
Joined
·
5,406 Posts
I've been made whole by a big bank due to a hack that could have been an inside job.
Sadly we all pay for this

That's why legacy banks pay 0.01% for your money and they now hold zero reserves in the US

But it's ok because they will refund all the SIM swaps happening everyday (and the hackers are targeting the big accounts not the small fry)

Amazing people are ok with this system
 

·
Registered
Joined
·
12,135 Posts
I doubt big bank losses due to fraud and hacking cost them very much. They'd respond with tactics and systems if it was hurting them much. They already write hundreds of millions off on bad loans.

Big banks only pay as little as what keeps deposits there and in reality, the big banks already borrow in the commercial market for 15-25 bp. Hence 0.2-0.25% ISA rates at the brokerages. They don't need retail as much as we'd like to think so. Low rates is a Bank of Canada issue, not that of the big banks.
 

·
Registered
Joined
·
5,406 Posts
With zero reserve fractional banking and infinite paper money printing nothing really costs anyone anything

Big banks have the perfect business model. At least while there are gullible seniors to scam
 

·
Registered
Joined
·
12,135 Posts
It is far too harsh to say the big banks scam gullible seniors. It's a free world and if some gullible senior wants to stick with the big bank savings account, I personally don't care. Which is why I own good helpings of the stocks of 4 of the big 5. More of us are seeking out the alternatives for our cash reserves, e.g. the HISAs at EQ Bank et al.

The alternatives and fintechs do have to pay more for their capital. They don't have A+ or AA+ credit ratings on their debt. EQ boasts BBB, Home Trust is barely investment grade. The bit players don't even have credit ratings. But this is way off topic yet again. I will shut up now......
 

·
Registered
Joined
·
5,406 Posts
It is far too harsh to say the big banks scam gullible seniors. It's a free world and if some gullible senior wants to stick with the big bank savings account, I personally don't care. Which is why I own good helpings of the stocks of 4 of the big 5. More of us are seeking out the alternatives for our cash reserves, e.g. the HISAs at EQ Bank et al.
CBC has already covered how the big banks employ high pressure sales tactics which means the tellers sign up senior citizens for financial products they don't need.

It's happening both in the US and Canada. In the US the big banks get fined millions for this (slap on the wrist) In Canada I doubt anything ever happened

They also scam everyone by not being transparent with exchange fees. This is now illegal in the US but I don't think Canadians ever did anything yet
 

·
Registered
Joined
·
12,135 Posts
Everyone is pushing product. Insurance companies, door to door vacuum cleaner salesmen.The after-market guy at the auto dealership. Why would banks be different? Some are more blatant like the Wells Fargo disaster which wanders into degrees of ethics and integrity, but ultimately banks are not non-profit charities.
 

·
Registered
Joined
·
12,135 Posts
Should have mentioned it earlier. I am already on Investorline 2.0 so will let y'all know how 2FA works next week....

Just went to 2FA with Scotia iTrade about a month ago....finally...

To repeat what I said earlier, it is time to have better login security credentials and if that is 2FA rather than stupid security questions, I am quite all right going down that path.
 

·
Registered
Joined
·
217 Posts
I am already on Investorline 2.0 so will let y'all know how 2FA works next week..
I've been using it for several months now.

BMO phoning the code was OK as long as (1) my cell was switched on, which it often isn't or (2) my wife was not using the landline, which she often is.

Then they added the multiple question alternative recently - great improvement - best possible from my point of view - but I guess they have found it not safe enough.

So now I have to get a second landline for $20/month - or accept $0.60 several times a day for my PayGo cell - or $xxx a month for a normal cell. Or give up thinking about my account as frequently - or - etc - etc.

Suggestion to BMO - improve the safety of the questions alternative.
 

·
Registered
Joined
·
5,406 Posts
Everyone is pushing product. Insurance companies, door to door vacuum cleaner salesmen.The after-market guy at the auto dealership. Why would banks be different? Some are more blatant like the Wells Fargo disaster which wanders into degrees of ethics and integrity, but ultimately banks are not non-profit charities.
Insurance companies and vacuum salesmen don't have access to your bank account like tellers do

You can see the CBC go public reports from earlier this year. Basically the tellers have high pressure sales expectations like the insurance companies and vacuum sales etc, except they have the ability to just sign you up themselves after some ambiguous conversation with a senile senior citizen

The salesmen can't just sell a vacuum to a senile senior like the bank teller can just make a few clicks
 

·
Registered
Joined
·
12,135 Posts
I've been using it for several months now.

BMO phoning the code was OK as long as (1) my cell was switched on, which it often isn't or (2) my wife was not using the landline, which she often is.

Then they added the multiple question alternative recently - great improvement - best possible from my point of view - but I guess they have found it not safe enough.

So now I have to get a second landline for $20/month - or accept $0.60 several times a day for my PayGo cell - or $xxx a month for a normal cell. Or give up thinking about my account as frequently - or - etc - etc.

Suggestion to BMO - improve the safety of the questions alternative.
Suggestion. Why are you in your BMO Investorline account even once per day?

That aside, I would hope they will institute a 'trusted device' option like Scotia iTrade does with their 2FA. We will see how that plays out.

The 2FA text request with Scotia does not trigger hardly at all when one checks off the 'trusted device' box on the original login from say, your laptop, on your home IP address. I use iTrade's Flight Desk real time Level 2 trading software so most trading days I will go into my iTrade account to load it for the business day to look at the tickers now and then on my 'holdings' list and Alert list so I have the 'trusted device' checked off to reduce the 2FA requests. I would otherwise not want to go into my iTrade accounts daily either and have no issue with a 2FA request a few times per week.

Ultimately, we should all want more login security and that is the default for most? many? FIs these days. Any time I login to my EQ Bank account (once a month or so), I get a 2FA SMS text request despite having checked off the 'trusted device' box. Technically annoying but I prefer the safety of 2FA any day to having a hacked account.

P.S. My cell is never off, except for the occasional re-boot once every 1-2 months. I see no reason to have it turned off (I go to Do Not Disturb if I need it silenced in company, or meetings, or appointments, etc.)

Added: On another forum, it has been stated that 2FA via SMS text is the go to standard in Europe for better login security, so either they have got it all wrong... or the techie geeks here want to create undue hardship for a good portion of the population that struggle with 'technology'. While 2FA may not be perfect, additional security has to be 'user friendly' for the 80+% of the population that is online.
 

·
Registered
Joined
·
4,416 Posts
Discussion Starter · #31 ·
Should have mentioned it earlier. I am already on Investorline 2.0 so will let y'all know how 2FA works next week....
The change in 2FA at BMOIL doesn't have anything to do with INVL 2.0. As noted in post #1, even if you are on 2.0, you have to go back to the original INVL to check or change your phone numbers. The new BMOIL 2FA changes apply to new and old.
 

·
Registered
Joined
·
12,135 Posts
Okay. I missed that part because I've had that in place since I opened my IL account years ago I imagine. Somehow, I seem to have missed the option to perhaps be on 2FA all along?
 

·
Registered
Joined
·
4,416 Posts
Discussion Starter · #33 ·
I've been using it for several months now.

BMO phoning the code was OK as long as (1) my cell was switched on, which it often isn't or (2) my wife was not using the landline, which she often is.

Then they added the multiple question alternative recently - great improvement - best possible from my point of view - but I guess they have found it not safe enough.

So now I have to get a second landline for $20/month - or accept $0.60 several times a day for my PayGo cell - or $xxx a month for a normal cell. Or give up thinking about my account as frequently - or - etc - etc.

Suggestion to BMO - improve the safety of the questions alternative.
As noted in post #1. the 2FA system is changing regardless of whether you are on 2.0 or not.

It would be a real pain if they phoned us every time we logged on? This could be several times a day when researching on other sites because log-ins do time out.

With current 2FA,
  • Do they not recognize your device and as a result call or ask questions every time?
  • Do they first phone your land line and, if not busy, give you a verbal code?
  • Do they leave a message on answering machine if landline is not answered?
  • What determines when they call cell if it is a secondary number?
  • With cell, do they text you a code or is it a voice call?

I hope they come up with a workable system, but so far I have my doubts.
 

·
Registered
Joined
·
4,416 Posts
Discussion Starter · #34 ·
Just a general question about 2FA:

Assume someone, somehow, learns a users log in username and password. Maybe it is written down in your little black book or you stored it on the cloud. They enter your home. Could be a burglar, a visitor or even a family member. They attempt to log into your account. 2FA kicks in and the home phone rings. They pick it up and are given the code.

Not much help. Answering a question only you know the answer to seems more secure.

We should be given several options for 2FA rather than one-size fits all.
 

·
Registered
Joined
·
217 Posts
Why are you in your BMO Investorline account even once per day?
Well only days when I want to of course - several possible reasons - thinking about something - actually making a change or buying/selling - checking details - I use Barchart for routine current info but BMOIL is sometimes needed.

I hope they will institute a 'trusted device' option.
I use a variable VPN for safety and 'trusted devices' don't work with those.

P.S. My cell is never off,,,,,,,,,,,,,,,,,,,,
Why? Mine is never on unless I want to use it. Our landline and internet likewise. We call back at our convenience - which sometimes is immediately. Too many people are subservient to electronics.

.... we should all want more login security.......... I prefer the safety of 2FA .... to having a hacked account.
Totally agree. My best experience now is Lloyds UK - start your sign-in - choose cell voice, cell text or landline voice for use by them within a minute - call comes through with code - enter code - done.

But in the end we are only customers - we are dependent on "them".
 

·
Registered
Joined
·
12,135 Posts
I think most FIs provide at least 2 primary options for 2FA, i.e. phone numbers (cell or landline) and/or email. It appears Europe has gone mainstream with 2FA so until there is a better (or more convenient) mousetrap, that is what we will be living with.

@OneSeat: I understand why many people have their phones shut off when they are not proactively wanting to use their phones. That was always my thinking and mode of operation for years. However, the last few years, mine is now on almost all the time... not because we care to answer the phone portion of the cell (rarely do), but to get the various transaction alerts and notifications I have set up in banking, credit card and brokerage accounts that come to me by SMS text, and 2) to receive SMS, WhatsApp, Messenger et al texts from family and friends. Example: Was out and about the garden this morning and got a text from DIL asking me if I could take her to Emergency. I wouldn't have gotten that message (text or phone) if I had my cell off. Nor would I have been able to text spouse who was driving her own vehicle to advise her what was going on and where I was. Two days ago, I got a short notice call to pick up granddaughter from day care. We are on a cascading alert list for a relative for seizures initiated by a seizure monitoring watch. There are all kinds of reasons to have a cell 'on'.
 

·
Registered
Joined
·
4,416 Posts
Discussion Starter · #37 ·
I think most FIs provide at least 2 primary options for 2FA,
Why I started this thread, was because it seems BMOIL said they will have just one.

BMO InvestorLine is retiring challenge questions as a two-step verification method. Instead, a one-time verification code process will be used as the only method for two-step verification. When prompted, this method will require you to enter the one-time verification code that is sent to your phone, to allow you to access your account.
 

·
Registered
Joined
·
12,135 Posts
I do see online in Security settings where BMOIL is not providing (yet) an email option for the 2FA code. They may have to change that to include an email option once they realize not all DIYers have gone 2020 in their communication methodologies.
 

·
Registered
Joined
·
217 Posts
There are all kinds of reasons to have a cell 'on'.
I agree - but so many users just automatically have them 'on' so they don't miss Rasymski's latest comment and most thinking people don't do that - so banks shouldn't assume it.

Regarding what 2FA system various banks may offer we just have to rely on them - if the flight is going to PEE then we all have to go to PEE.

Seriously - sorry to hear the reasons you have yours on so much - life can be unfortunate at times.
 

·
Registered
Joined
·
4,416 Posts
Discussion Starter · #40 ·
... that's great. Thanks too for asking/checking.
Ok, I received a very quick response! And it 'seems' OK to me. They don't say whether the number to call when away will be available 24/7 considering difference in time zones etc. I imagine it would have to be, but I have asked!

"The two-step verification code will be requested in the situation that you are using a device that you do not usually use, or are accessing the BMO InvestorLine website from a different IP address than you usually do. When you enter the twostep verification code you will have the option to have the system recognize your device. Doing so should greatly reduce how frequently you are prompted for a code. A code will also be requested if your browser's settings are in private or incognito mode. You may wish to check your browser settings and make the appropriate changes to see if it resolves the issue.

If you only have a landline you may receive the code by selecting the voice message option. If you do not have access to a phone and you are unable to receive a text or voice message with the validation code, there is an option available when you call in that indicates this in the two step verification process. You will then be directed to speak with a BMO InvestorLine representative by calling the phone number below (from overseas, call 1-416-281-5400), and a representative will provide you with a verification code which you may enter online."
 
21 - 40 of 69 Posts
Top