Skip to main content

Gold'en rant of the week : Incoming call authentication - who's really calling?

Last Sunday morning I took a call on the home number - flagged up as an 0845 call - from HSBC's credit card department.

The Indian guy told me he was the bank's anti-fraud section and requested to take me through bank security, which involves giving a series of letters and numbers from your banking passwords.

Ever suspicious, I refused and called the guy back. It turned out the call was genuine and someone had tried a fraudulent online charge on

our card account at the Interflora Web site. How ironic...

Naturally I cancelled the cards and a new set are on their way.

I then remembered a news report on the growing problem of US voicemail systems being hacked.

This means that I could have called back on the caller's 0845 number and still be connected with a fraudster.

After chatting about the problem of verifying inbound calls from financial institutions with a few industry pals, it appears there is no real solution to the issue.

Basically there is no sure-fire way of verifying it really is your bank or card issuer calling.

That's not to say the banks and card issuers couldn't develop a system. Unofficially the banks tell me there's no demand for such a service.

Well, I reckon there is - what do you think?

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at ITProPortal.com where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.