>
People Who Weaved Themselves into the Tapestry of Your Life
Rep. Massie Proposes NDAA Amendment Preventing Integration of IDF with US Military
Liberals Have Relaxed About Trump Because They Trust Him To Keep the Wars Going
LIVE Coverage of President Trump's Historic Speech Exposing Communist Chinese & Their Allies'
Chinese researchers have developed a sodium-metal battery that can fully charge in just 4 minutes...
SpaceX Starship Flight 13 in 3 Days - Thursday July 13
Chinese Scientists Develop Nuclear Battery Using Carbon-14
Teleoperated humanoid robots complete first-ever live surgery
Floating capsule auto-disinfects water without chemicals or battery
Modular Reactors To Solve Data Center Hysteria?
DeepSeek Developing In-House AI Chip In Bid To Cut Nvidia Reliance
America just took three brand-new nuclear reactors critical in thirty days, a first for any...
Your brain doesn't peak in your 20s after all: Study reveals your mind is at its sharpest betwee
Compasses, not maps: China is building a different type of AI

Part of the emerging generation of fintech startups, the new digital-only banks—colloquially known as the challenger banks by the financial technology "in" crowd—appear to be approaching consumer banking very differently than the existing major main street banks. The question is, how deep does that commitment go?
Trying to get a feel for them then, it's sort of interesting to see some of the same security anti-patterns developing in the challenger banks that exist in the traditional big banks. For instance, one of them just phoned me and asked me to provide personal information for "security verification" before they'd discuss what they were calling me about.
Providing information to someone cold calling you isn't something you should be prepared to do—no matter whether you're expecting the call, or who they say they're calling from. It also shouldn't be something a company asks their customers to do, at least not if they have a solid security culture.
This security anti-pattern is one of the most irritating consumer-facing security problems that large institutions like banks suffer from, as it has the potential—as a pattern—to assist fraudsters attempting to extort data from customers to commit identity fraud. If you're used to handing over your identity in the opening seconds of a phone call, you're far more likely to hand it over to the wrong person.
Unfortunately there really is no way to mutually, and securely, authenticate using a single-channel medium like a phone call. However the digital-only challenger banks have an easy way around this problem, they have an app, and a second channel.
One possible solution then would be to send a push notification "The person you're talking to on the phone is really from your bank" once the the phone call has begun. This is a perfectly reasonable way to prove that the caller is legitimate, after all, making their own app do something while they're talking to you is a decent first-cut at a second channel proof of authenticity.