Reply to post: Re: This is this bank

I couldn't possibly tell you the computer's ID over the phone, I've been on A Course™

Kiwi Silver badge

Re: This is this bank

And the privacy/information regulators in both countries have green flagged this when queried?

Thus far, they take the word of the websites who use this over the word of the people complaining. The websites say "it's your bank's own site".

You can see a screenshot of a fake poli-pay transaction at the enter bank details page here. For comparison, here is a shot of the ANZ login page

Not many differences. Style, colour, URL... Nothing much.. I forgot to record the URL of the poli pay submit button, but trust me when I say the URL it sends to is not "???.anz.co.nz" nor "???.anz.com.au".

A couple of banks have told customers it's not acceptable, where customers have asked. The banking ombudsman's office isn't interested, most of the banks aren't interested, and the organisations involved aren't interested. They all claim innocence, that it's above board, goes direct to the bank, and what would someone with web-developer or computer security experience know? The company and the government say otherwise so that must be true, and no matter what evidence web devs or security pros show they're wrong. It's all above board, nothing to see here, move along please.

El Reg - where's the icon with tears of frustration/despair over the self-inflicted fate of humanity?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2019