Is there such a thing as <I>too much</I> online security?
As a chap who cuts his cloths using the (usually blunt) tools of the freelance trade, I have to pay my own National Insurance contributions. These are paid direct to HM Revenue & Customs and like all bills, I can pay through online banking. Obviously I'm not the only one paying indecent amounts of money to the Government, so my bank makes payment relatively simple; I don't have to enter any of the account details for HMR&C, just select the correct payment office from a drop-down menu. Easy.
Well, sort of easy. Because my bank makes the process more complicated than it needs to be and I'm not sure why. It takes no less than three passcodes to login to my online banking. Even if some rapscallion hacked my account, I'm not aware of any scam that can be perpetuated by stealing money from my bank account and paying it to HMR&C. Yes, you might consider it daylight robbery that you're paying taxes in the first place, but that's not my point here. What I'm saying is there is no way that a person could profit by transferring my cash into the account of HMR&C.
So. Why do I have to bother with a card reader?
If you've never used a card reader, you slide your debit card into it and enter your PIN to generate a one-time passcode that authenticates new payment details. You can't transfer money to a third party without your debit card and your PIN and this added layer of security makes sense when payments are set up for unverified accounts; somebody could be posing as you and transferring your money to their account. But why do I need the card reader to pay the HMR&C? In this situation, the bank is in absolute control of where the money is deposited; I can't influence where the cash ends up and nor can anybody else posing as me, because the bank holds the account details.
Card readers are relatively straight fioward to use, but what's the point in this situation? Is it a case of pointless belts and braces, or is there a genuine need to make us accountable for every single transaction?