A Debit Card That Simply Works?

GordonD on 14/03/2025 - 10:23

I'm looking for a bank that has security that isn't in the hands of incompetent idiots.

Any suggestions?

My debit card is with People First. Whatever it calls itself now it wants to call itself a bank not just a credit union.

Needed to pay a bill. Invoice said they only accepted direct deposit. Tried logging into to my internet banking and doing that, but it demanded my "secure access code". Apparently to do a direct deposit you have to have a device or app that generates a one time code. What everyone else does using 2FA with an SMS or email. OK, fair enough, so I tried to send them a message from inside my logged on internet banking app, to tell them I needed one of these gizmos, and they told me I needed a secure access code to even send them a message to ask how I could get a secure access code. Started getting annoyed.

Ended up paying the bill by getting in the car and going to one of their branches and getting actual cash from them, then driving to a branch of the tradey's bank and depositing it. So much for the convenience of internet banking. What got me even more annoyed about that was that when I went into my bank's branch to get the cash they made no attempt to verify the person in front of them wanting to withdraw $1510 from the card was the cardholder. None whatsoever. The card could have been nicked, and whoever nicked it could have emptied my account. Obstructive security here, none whatsoever there. Zero out of two right. Idiots.

So I decided to move all my banking to the other bank, St George (=BankSA =Westpac), that I have a credit card with. But before I did I checked their internet banking didn't require crap like secure access codes. But I was told I couldn't log on "from where I was". They were blocking my IP address. Rebooted my phone, and got another IP address. Still blocked. Another. Still blocked. For whatever reason they were blocking all 1.147.xxx.xxx addresses. Which is everyone who was trying to access their internet banking through a Telstra phone.

Their blocking message said to ring a 1300 number, select option 3, and quote a code and the IP address that was blocked, and they'd unblock it. But obviously the same thing would happen again for the next IP address Telstra dynamically allocated me. To add injury to insult, calling that number got me a message that said I had to select 1 or 2. Press 3 and I just got the same "press 1 for this or 2 for that" message repeated, like I'm the idiot. Not them for giving probably already annoyed customers instructions that they haven't made sure actually work.

Internet banking that you can't actually use because they've let a bunch of idiots go stupid with security isn't a lot of use.

Any suggestions?

Do other banks use anything like secure access codes that I should watch out for?

I don't care about the highest interest rate, or whatever OzBargainy thing some people think is important. I just want it to actually work when I need it to work. Pension in. Payments out. No fuss. No raised blood pressure.

Financial Debit Card

Comments

LanceVance on 14/03/2025 - 10:25

+7

I've been with commbank for as long as I can remember. Can't recall having any of the issues you mentioned with their simple debit mastercard.
- GordonD on 14/03/2025 - 11:23
  
  Given its reach, that's probably a good suggestion. Unfortunately we have history.
- foxmulder on 14/03/2025 - 13:22
  
  What saving interest they offer?
- goody on 15/03/2025 - 10:52
  
  +1
  
  I use CommBank - along with others - amazes me CBA does not have 2FA to sign in or an authenticator app.
Downvoter on 14/03/2025 - 10:26

+28

Old man yells at cloud.
- GordonD on 14/03/2025 - 11:38
  
  -4
  
  The funny thing is, it didn't achieve anything complaining to the local St George/BankSA /Westpac branch, but the blocking on accessing my St George internet banking disappeared within half an hour of yelling at the OzBargain cloud. Of course some people might call that a coincidence.
- jv on 14/03/2025 - 13:34
  
  Old man yells at cloud.
  
  Amazon Web Services ?
dtc on 14/03/2025 - 10:40

+1

So you complain about the in bank withdrawal not requiring any identification check, but do not want any security for online activities?

Most banking apps require you to log in (which you can do via face ID or a passkey if you want better security, or just a PIN) and then you are free to do whatever you want. However some banks do ask for additional 2FA if you are making a large payment to a new payee or to an overseas payee - I havent checked if you can get out of that because you probably dont want to unless you are happy with the increased fraud risk.

I've never heard of anyone having the same problems as you and obviously there are 30m+ bank accounts around. So…
- GordonD on 14/03/2025 - 11:25
  
  -1
  
  So you complain about the in bank withdrawal not requiring any identification check, but do not want any security for online activities?
  
  Not what I said. What I said was so much in one area that I couldn't get at my money. So little in another than anyone could have. There's a right level of security. Online: login + password + maybe 2FA by email or SMS. Face to face: card + photo id.
  - freefall101 on 14/03/2025 - 16:35
    
    +1
    
    Far too many people were scammed by phone hijacking for 2FA via SMS to be effective. It's alright for the average website, but not for your cash.
    
    Happened to a friend of mine, someone got the last 4 digits of her credit card from one company, was able to take over her phone account, reset her bank login and went on a spending spree. It's not secure.
    
    There's a right level of security, but it's also 2025 where monetary transactions can happen from anywhere and be covered by a VPN to make it look like the relevant country. They can attack at it 24/7.
    
    Someone stealing a card and doing a cash withdraw in front of a million cameras isn't exactly going to cost the bank much, once you report your card lost it all goes to the cops. It's not like ATMs ask for photo ID either, just a basic pin someone can get from looking over your shoulder.
klaw81 on 14/03/2025 - 10:41

+1

My primary bank has always been Credit Union Australia (now trading as Great Southern Bank).

I have never experienced any issues like the ones you've described. However, when I do have an issue I've always been able to walk into my local GSB branch and have been treated like a valued shareholder rather than an inconvenient idiot. And I've spent enough time in there to know they do that with every customer who walks in the door.

I can't recommend them enough, and several of my family members have switched to them over the years because of the service, and because their rates are usually better than the big 4.
- jv on 14/03/2025 - 13:34
  
  My primary bank has always been Credit Union Australia
  
  Did you switch when you started High School ?
7ekn00 on 14/03/2025 - 10:44

-1

The Big 4 are called the Big 4 for a reason ;) But you seem to avoid them …

I doubt anybody has such problems with ANZ, NAB, CBA or Westpac :/
- modbutcher on 14/03/2025 - 10:56
  
  -1
  
  Go have a look Big4 trust reviews and product reviews, they all struggle with overly tight security, and it’s only going to get harder from here.
tenpercent on 14/03/2025 - 10:45

+1

It's going to get worse. I don't know if other banks use secure access codes, but AMP is introducing 'tokenisation' (oooo ahhh fancy buzzword sounds technical right - get your napkins ready to wipe away the corporate drool) and biometrics (oooo ahhh) instead of card numbers with ther Mastercards. https://www.abc.net.au/news/2025-02-04/mastercard-credit-car…
You will need an approved device with an approved operating system, an approved internet connection and a big authentic smile.
AMP could simply introduce virtual cards like Wise and others use, but they've decided that's too simple and effective as a solution to the purported problem and instead are opting to create an even more attractive hacking target instead (there's no changing your biometric signatures once they're stolen, only old-timers change their passwords when big corporations get hacked).
I suggest moving away from banks like People First, St George and AMP and telling them explictly why you are do so (if no one gives them customer feedback, they will all just continue on their merry way becoming even more controlling and privacy invasive).
modbutcher on 14/03/2025 - 10:50

-1

More security usually just means more hassle until the scammers figure out how to get around it. Then the bank tightens things up again, and the scammers spend ages trying to crack it. It’s a never-ending cycle. Eventually, the security might get so strict that you'll be getting false positives. I had a similar issue recently with a blocked IP range, but since I’m in IT, I just chucked on a premium proxy, and it sorted itself out.
- tenpercent on 14/03/2025 - 11:09
  
  +1
  
  How does one
  
  chuck on a premium proxy
  
  ?
- GordonD on 14/03/2025 - 11:27
  
  What I couldn't figure out is how they could have been blocking that whole block of Telstra dynamically allocated IP addresses without being flooded with so many complaints they realised they'd screwed up.
kmwa on 14/03/2025 - 12:39

-1

Don't bother with ANZ.
They are withdrawing the debit card that we use to get money out of ATMs.
"Important information about the cancellation of your ANZ Access card
As you may be aware from recent updates to ANZ’s terms and conditions, from June 2024, ANZ Access cards will be phased out in stages.
This follows the Reserve Bank of Australia’s (RBA) announcement that banks should only issue certain types of debit cards to ensure transactions can occur via both an international debit network (such as Visa or Mastercard) and the domestic eftpos network."
ANZ say that if we want to get cash out of our account, we need to go into a branch.
Like in the 1960s.
- surfingedge on 14/03/2025 - 14:58
  
  +1
  
  Why can't you get an ANZ Visa debit card?
  
  I didn't know ANZ still issued cards that didn't work with Visa or MasterCard. I thought those were all gone by 2013 or so.
  - Agarwal on 14/03/2025 - 16:22
    
    -1
    
    Yes, sounds like this isn't a debit card at all but rather just an EFTPOS card………………………………………………………….
wots on 14/03/2025 - 12:58

+3

I use ANZ and Up Bank (=Bendigo and Adelaide Bank). Even though Up is marketed towards younger people (and I'm not one), I think their app is brilliant. It's easy to use and has everything you need. You get a physical debit card and can add digital debit cards. They use SMS codes, but only when setting up the app.
- Lurk Hartog on 15/03/2025 - 08:53
  
  +1
  
  +1 for Up Bank.
JimB on 14/03/2025 - 13:13

+1

I've never had an issue with CBA, NAB, Westpac or Macquarie.

If I was to start over again, I'd go Macquarie. CBA and Macq requires you to install the app for 2FA. I prefer that than Banks who use SMS 2FA.

SMS can be hacked. Or if you're travelling OS, need to have Global roaming in place to receive SMS's to authorise payments.
- goody on 15/03/2025 - 10:56
  
  I have a couple of throw-away debit cards for online etc (ING and BankWest).
  Also have CommBank and Macquarie.
  Big fan of Macquarie with the authenticator app - plus the ability to note details onto your statements and general ease of use.
  If I had to pick one it'd be Macquarie - also getting 4.75% on the savings account - so can't complain about that.
jv on 14/03/2025 - 13:33

+2

A Debit Card That Simply Works?

Which ones don't work?
- Baysew on 15/03/2025 - 14:59
  
  Basics Card
Wiadro on 14/03/2025 - 13:44

+1

lol what
surfingedge on 14/03/2025 - 14:53

I have transaction accounts with a debit card with 8 different Australian banks and have never had any of the problems you mentioned.

Earlier today I had a 1.147.x.x IP address and had no trouble logging into St George.
MS Paint on 14/03/2025 - 15:42

+5

Another boomer only issue.
Hardlyworkin on 14/03/2025 - 16:37

+3

User error
qtr pounder on 14/03/2025 - 22:28

+3

When you were in the branch you should have asked them to sort out whatever you needed to do to get the secure access code working.
tabitha731 on 15/03/2025 - 08:12

+2

And yet you would be the very loudest person if any money suddenly disappeared from your account, coz your current bank/credit union has various security (albeit an imposition to access your own money)in place to protect you. Suck it up.. it’s just the way of security these days, the more you simplify how you are able to access your own account, by dealing with tradies who have a way to pay them without a ridiculous amount of hurdles, and maybe just putting in place your own security methods so u don’t get inconvenienced like this again.
footscrayvic on 15/03/2025 - 09:20

Wise card.
Quick to apply
Easy to use
Virtual cards that you can freeze when not in use
Quick cheap currency conversion when you are OS.
Haulien on 15/03/2025 - 10:03

+3

What you want:
"security that isn't in the hands of incompetent idiots."

What they have:
"What everyone else does using 2FA with an SMS or email."

I'd say your bank is more secure than anyone else doing 2FA via email or sms (the 2 most insecure and most phished forms of communication used today)
Mugsy on 15/03/2025 - 10:15

OP, do yourself a favour and do your direct debits using a Macquarie transaction or savings account. They're one of the few banks that allow direct debits from a savings account, the debit card has no international transaction fees (great for online purchases and for use when you're traveling overseas), you're rebated ALL domestic ATM withdrawal fees, you get 2.5% interest on the transaction account (higher on the savings) and their mobile app and mobile authenticator is one of the better ones around (for starters, you can have the authenticator on more than one mobile device or android emulator… but scammers won't be able to install it as everything after the first install requires authentication from an existing install which they shouldn't have if you manage your trusted devices properly).

I would not go with a bank that relies on SMS or email OTPs… it's too easy for scammers to hijack your mobile number or even get into your email account.

The only thing that is annoying about Macquarie is that they don't support the EFTPOS network meaning getting out cash at the supermarket or getting your Medicare refund directly onto your card after a doctor's visit isn't possible, and they currently don't support bank@post (this is being negotiated on by the Feds). Note that you can still pay for stuff with the card on EFTPOS machines as it uses the Mastercard network to pay. For the stuff that Macquarie don't support, you can use your People's Choice card.

If you have People's Choice account on the basis that you have a loan/offset account with them, keep most of your money there and move just enough into the Mac account to deal with direct debits. That's what I do. Set up a monthly transfer for each bill. If you cancel the direct debit, you can cancel the corresponding transfer.

If you really want to up your debit card game, look into HSBC's everyday global debit card that offers a 2% cashback on all sub $100 card taps. Great for paying for things when there's a card surcharge.
Triceratops on 15/03/2025 - 11:05

I've been with St George for 45 years and use internet banking every week. I've never had an issue with IP address ever. Maybe it's because you have not logged on regularly and it is being more cautious.
- GordonD on 15/03/2025 - 15:28
  
  Thank you for a useful suggestion. I haven't tried to do any internet banking on that account for a while. That might be it. Maybe it did achieve something to yell at the OzBargain cloud.
  
  On the possibility you were right I tried getting in again and all that had changed was the message I was getting. It had changed from "you can't get access from this location" to "if you want to get access from this device …". Then I went to another PC on my LAN - same router IP address - that I've never used for internet access it it logged straight in.
  
  So thanks, the problem appears to be solved. Its security idiots doing something, but not explaining to the person they are doing it to what they are doing and why, and giving them instructions to sort it out that don't work.
  
  So to misquote the movie Dr Strangelove", YOU HAVE TO TELL PEOPLE!
  
  Stop press: but it still doesn't solve the problem on the computer I actually use for internet access. Its still locked out.
  - soan papdi on 15/03/2025 - 21:28
    
    Won't change the IP address but have you tried a private/incognito window?
    - GordonD on 15/03/2025 - 21:57
      
      Yep, that works to get around whatever St George is doing and however its doing it. I can log in from a private window. Between that and what I did, try another PC, it appears to confirm that whilst St George says its blocking the IP address, its actually blocking the PC. Probably for the reason Triceratops suggested.
      
      Thanks to you two guys for being helpful.
      - nosey on 15/03/2025 - 23:56
        
        @GordonD: My wife had issues today doing an overseas money transfer from her St George internet banking. Turns out shes only ever used the app on phone over last 2 years and was first time actually using internet banking so it flagged as fraud. She spent 30mins on phone sorting it out.
lew380 on 15/03/2025 - 14:49

-2

It's a little annoying with all that 2fa stuff, a new phone can be another annoying setup process. But it's all good security and a few mins each month, isn't anything worth crying about. Your making things really hard for yourself, just learn the system, install the stupid microdft code app whatever they need and move on with your life.
movieman on 15/03/2025 - 22:13

Up Bank.

The card is simply exactly what I needed. Works, doesn't muck you around.

No issues to date.
belongsinforums on 16/03/2025 - 00:44

cba used to sell a token generator. it was awesome to not rely on SMS or auth apps to login. pretty sure they canned it

A Debit Card That Simply Works?

Comments

New Forum Topics