Sounds like a recipe for disaster.
Why are they using analytics on the login page anyway? Do they not know who their own customers are?
Well, it's like this........
As a Santander customer who can only access my accounts by entering via the A & L web site (though no longer have an A & L account) I can say that from personal experience Santander have not a clue about who their customers are, what they want, or dare I say it why they should even think of trying to access their own money.
The only way I got some of my own money out of them was to keep going through the massed ranks of plonkers till one finally understood that they had set the whole thing up completely wrongly.
No longer the Abbey Habit, now simply Spanish Practices.
Unfortunately it is increasingly difficult to find a real bank.
Some day, I fear, the great Santander system will swallow cahoot too - the only part of their Empire which still has real working systems and real people to resolve issues rather than compound them.
oh and dont get me started
They seem to want me to download some software shite EVERYTIME I log on. I have absolutely no intention of installing whatever crap you throw at me so GIVE ME A DONT PESTER ME AGAIN checkbox.
Same retards at Chase
When I bank at JP Morgan Chase, their website tries to go to doubleclick.com, which I have thoroughly blocked at three levels: my firewall, my hosts file, and AdBlock+.
And since they've recently bought 3 failed banks, I'm sure they have no idea who their customers are. I signed up for their credit card 8 months ago, and yesterday I got no fewer than 3 applications for the same card in my snail mail.
Why does anyone use on line banking?
The terms and conditions are atrocious and they put all the responsibility on you without giving you the slightest way of finding out what's gone wrong...
Why oh why?
Online banking is indeed a fad, surprised anybody would want to use it. I Also find using that plastic cash a needless encumberment, too! And don't get me started on this paper-and-metal-coins malarkey, either.
For me it's pig iron ingots all the way, and animal hides for the change.
Paper money is definitely malarkey, but...
...half crown coins from before 1946 are worth almost six quid today, before 1920, eleven quid. That's just the value of the metal, no numismatic element.
Malarkey it may be..
...but it's a lot quicker than chip'n'pin! When I pay for fuel I take about a tenth of the time that the card payers do.
Let's compare apples with apples eh?
1 if you use a card, then in many petrol stations now you can pay at the pump, thereby avoiding having to go into the booth, and join a hideously long queue at all.
2 if you go into the booth to pay, (and there's no queue) then it might be slightly quicker (takes me about 10-15 seconds) but you will have had to take the time and had the foresight to go to the bank/ATM first, in order to have that cash in your pocket in the first place, and how much longer does that take? 5 - 20 minutes?
So 5minutes to save maybe 10 seconds. Bravo!
That is unless you walk about with your wallet perpetually full of cash, in which case, you've got some balls on you - or too much money :-)
Personally I despise people who go to a pay-at-the-pump station, then dawdle off to the booth (and the queue) to pay, and I'm sat, finished and paid up, at the pump behind waiting to get out because they either didn't pull in close enough to the pump so I could get out, or the station is too narrow.
If all you mugs hadn't signed up for the "rape me" terms and conditions they'd have been forced to introduce something more reasonable...
I've too much money
B: I do walk with my wallet stuffed with cash ( lopsided)
C: I live in a crime-free area
D : What's it to you ?
E : I pay at the pump anyway since I get cash-back on my credit card
F: I always use Internet banking ( with 20 digit passwords)
G: If I went to the booth I'd use credit card (see E)
Polycache.com blocked at firewall level and host files updated to redirect to localhost
now, where's my tinfoil hat..
The day after tomorrow...
...or some other random time will see the brown stuff hitting the propelling device.
'worries to the contrary were "unfounded".'
This suggests an incomplete understanding of the English language. The security risk may not have been realised or exploited, but fears of a security risk were most certainly well founded.
Que? Mr Fawlty? Que?
Slap, slap, slap!
Not the first time
I raised questions about their third-party user tracking years ago and was brushed off.
All 3rd party scripts understood,
All customer data secure,
All pigs fed and ready to fly
Other domains in that script
Including Abbey National, HSBC, Yahoo and more banks including santander.cl.
Time to add polycache.com and advanced-web-analytics.com to the hosts file.
Santander's explanation doesn't wash.
"...since this covered a fraud and security issue...."
So according to them it *is* a fraud and security issue but also nothing to worry about? How does that work then?
Unless of course it's not a fraud and security issue but a cockup and arse-covering one....
It gets worse
The service that replaced the old Abbey online banking site encourages you to download and install "security" software to ensure the safety of your session.
Great. So I have to install local software to secure a single web app?
If it's the same as A&L ...
Of course, the Abbey features may be slightly different in the first place, but you get the idea.
Paint me a stick-in-the-mud, but...
... I don't think it is appropriate for a bank to use third parties for their core business. Now-a-days, that does include online banking.
"Trust" never comes in convenient sixpacks, you know.
someone else has clued up to whats happening here.
Most UK financial / media sites send stuff to third parties for 'analysis'
Not only that it happens within the ssl bit, ie when you have logged on.
Here is my log of the last 24hrs, of the organisations I block
22.214.171.124 4 80 ARIN US ATDN-ISP
126.96.36.199 1 80 RIPE NL NL-KPN-BBT-20000510
188.8.131.52 1 80 RIPE GB YAHOO-IE
184.108.40.206 1 80 RIPE NL NL-KPN-BBT-20000510
220.127.116.11 8 443 ARIN US CORE-DEN-01
18.104.22.168 2 443 ARIN US CORE-ATL-01
22.214.171.124 1 80 RIPE NL Prolexic Technologies Inc
126.96.36.199 12 443 RIPE EU NEDSTAT2
188.8.131.52 1 80 ARIN US OMTR-SJ1
184.108.40.206 1 80 RIPE GB UK-INTERNAP-20000530
220.127.116.11 1 80 RIPE NL NL-NEDSTAT
18.104.22.168 5 80 RIPE NL Prolexic Technologies Inc
22.214.171.124 1 80 ARIN US OMTR-SJ1
126.96.36.199 1 80 RIPE EU NEDSTAT2
188.8.131.52 10 443 ARIN US OMTR-SJ1
184.108.40.206 5 80 ARIN US OMTR-SJ1
Now the organisations will not tell you what they send as its commercially sensitive , but its all legal!!
Change from Alliance and Leicester has caused problems
Over the past few days we had become worried that a large cheque deposited into our on-line account and which a confirmation of receipt was received had not appeared on our list of recent transactions. Calls (0844) to the bank were answered with "It has cleared and will be shown tomorrow" Today after pressing them and suggesting there had been a fault in the changeover they finally admitted that some transactions at the time of the takeover did not make it to the online listing. We subsequently discovered a missing payment from the listing. On checking, the balance however appears to be correct.